Possible android virus

Scorched97

Estimable
Jun 27, 2015
1
0
4,510
My phone is Gsmart Mika M3 running android 4.4.2.
I recently downloaded the new Mr. Robot game(APK) by telltale games from ihackedit.com. After installing the game i didnt get any shortcuts on the screen or in the menus. So i checked in apps and found this:

https://www.dropbox.com/s/0or8pke6rdbnwkw/Screenshot_2016-08-18-13-44-43.png?dl=0

It shows an application without any icon and after tapping on it i see that all the buttons are greyed out except for the clear cache one:

https://www.dropbox.com/s/dug8svibc541s3h/Screenshot_2016-08-18-15-52-06.png?dl=0

I checked the app's permissions:

https://www.dropbox.com/s/4c6infrggg05gp9/Screenshot_2016-08-18-13-44-31.png?dl=0

When scrolling down in app info:

https://www.dropbox.com/s/z7a3aql1z5zi690/Screenshot_2016-08-18-13-44-51.png?dl=0

I didnt know what this was so i decided to take some rest. After unlocking my phone while wifi/data was on, my screen became white and i was redirected to an ad/malware (my browser(chrome)was not turned on, it happened immediately after unlocking):

https://www.dropbox.com/s/i56n1nzk0s7u6n0/Screenshot_2016-08-18-15-46-49.png?dl=0

The redirecting doesnt happen if my wifi is turned off.

UPDATE: I tried scanning my phone using CM Security and Asus mobile security and except for turning off "Allow installing from unsecure sources" the scan came out clean. After that i connected my phone to my pc and scanned it using malwarebytes and microsoft security essentials and it still came out clean. The redirecting is still happening when im connected to the internet.

If anyone has some questions or help, please answer.
 
Solution
So you downloaded a game that was NOT in the google play store and you are shocked to have a virus.

FYI your Windows AV is not going to find an android virus being mounted to your system via USB. Even if it had the definition files for it (which it doesn't), your phone does not mount the actual OS portion of the internal storage and your PC would have no ability to modify it anyways.

You have two options, either root your phone and remove all traces of the virus (much easier said then done, and you risk bricking it trying to root it), or do a factory reset and learn your lesson about using apps NOT from the play store unless you absolutely 100% about that APK.
 

shahbaz200

Honorable
Apr 20, 2012
287
0
11,260


Ok I see, permissions doesn't seems to be harmful, but at the same time you can't uninstall it, so I suspected at as some administration permissions. Go to Settings -> Security -> Device administrator, see if anything suspicious is listed here, if yes disable it.
If there's is nothing give me EXACT link of that app, I will install it on my phone and deliberately infect mine (for you <3) and give you procedure to get rid of it.


And just for my increase of knowledge, did you had Avast before installing game?
 
Solution