New Member
Hi. Since around yesterday, random ads started popping up at apps and my home screen and I was constantly redirected to Chrome and Google Play Store.

Can someone tell me the most common malicious apps? If it turns out that there are no malicious apps installed on my galaxy s5, why are there so many ads? I've never had ads in my home screen or apps until yesterday. Even as I am writing this, I am constantly redirected to a new tab which opens up ad-filled websites. Anyway, thanks for reading this. I hope you can help me.
Last edited by a moderator:
Reactions: upnorth

Deleted member 65228

Do a factory reset, but before doing so, backup your important photos/videos/music (general media). Then re-install applications you know are safe and don't install anything else. Keep external sources for installation disabled if you enabled it, and un-root if you rooted. There are many different types of malware for Android/iOS, and Google Play is not all as safe as some think just because its owned by Google. Malware is found on there constantly.


Level 28
Content Creator
I agree with @Opcode and with such an old Android version I personal would be very careful strolling around on the net and also what app/s I install ( there permisson settings, if they seam regular updated, reviews and ofcourse only downloaded from the Google Play Store. Goes for any apps IMO even on a brand new Android version. )

The problem keeping up with what apps are malicious is that when they are found by Google they normaly tends to be deleted from the Play Store and that's fine but how do you or anybody else now know if what you already have installed on your phone/tablet etc is or is not considered by Google as malicious? Use the Scan option inside the Play Store app. (y)

Malicious apps will for sure still popup in Googles Play Store but with a little bit of common sense and also simply ask here on MT about any app/s before you install it will automatic make the whole experience much smoother, comfortable and safer. :coffee:

tim one

Level 21
Malware Hunter
Agreed with the above comments.

Malicious app can allow code at runtime, patch the process relocation table and get the base pointer of the module using dlopen for example.
Given its pointer it search the symbol inside the reloc table by index and finally patching it with its own hook function address.
Once the hook function is called, it will log its parameters and then call the original function.
It seems newest Android versions will block calls to dlopen from within a non-privileged process but I'm not entirely sure.