a_Mbam
Honorary Members-
Posts
533 -
Joined
-
Last visited
Reputation
11 GoodRecent Profile Visitors
-
Android app "TimeLimit" installed from F-Droid
a_Mbam replied to TW20's topic in Malwarebytes for Android Support Forum
Hello TW20, Thanks for bringing this to our attention. This warning is from our advanced ransomware scanner. Apps that have elevated privileges and that have been installed using side loading (anything installed outside of Google Play) are flagged as potential ransomware. Installation from outside the Play Store plus elevated privileges are big red flags. Therefore, we warn our customers that a suspicious app was installed that displays ransomware like properties. It’s up to the user to ignore our warnings or not. Ransomware is particularity dangerous, and this warning gives users the ability to cut it off before it’s too late. We will review this app and in the meantime you can add this app the MB for Android's 'Ignore' list. Regards, -Armando -
Hi Fernando1025, I have scanned the file you sent us multiple times and do not see the FP detection. We have no rules in place for your apps. Could you send us screen captures of the detection, to help us track down the issue. MB for Android ver. 3.10.3.96 malware database. 2022.07.19.01 Regards, -Armando
-
AnyDesk on Android detected as ransomware
a_Mbam replied to HarryH's topic in Malwarebytes for Android Support Forum
Hi HarryH, This detection is from the Anti-ransomware protection and is behavioral based. We have fixed and the issue will be resolved in an update later this afternoon. In the meantime I would suggest you do a fresh install from the Play Store https://play.google.com/store/apps/details?id=com.anydesk.anydeskandroid Regards, -Armando- 1 reply
-
- 2
-
WebHp virus on my android
a_Mbam replied to chris2424's topic in Mobile Malware Removal Help & Support
HI Chris, Typically, when an app is uninstalled all the components are removed. Your pwd's and data should be okay, this one is most ads and web redirects. Could you share the app in question with us or the location where you download. I would like to have a look at the app and see its behaviors, is it persistent and for our own research. Thanks, -Armando -
Safe browser scanner for Brave Browser
a_Mbam replied to Clang's topic in Malwarebytes for Android Support Forum
Hi Clang, Thanks for bringing this to our attention, browser phishing detection should work for all browsers, but there does appear to be some inconsistency. In my test of your scenario I had the opposite behavior (works on Brave not on Edge). Safe Browsing will work with Chrome as this is the officially supported browser, per product page. We apologize for the inconvenience. Regards, -Armando -
Phoneleash Trial - Malware?
a_Mbam replied to Costa-VA's topic in Malwarebytes for Android Support Forum
Hi Costa, This app has been classified as a Monitor, because it can monitor and forward incoming messages. If you are familiar with the app and trust it then you can use and 'Ignore' the Malwarebytes detection. This type of detection is primarily to inform users who had this type of app installed unknowingly, for example someone wanting to spy on another. Regards, -Armando -
A false positive in our app:Parrallel App
a_Mbam replied to Alfredddddddd's topic in Malwarebytes for Android Support Forum
Hello, Thanks for reporting this. We have removed the detection, this will reflect in an update later today. Regards, -Armando -
Accidentally clicked on a site on Mobile.
a_Mbam replied to JorgeBon's topic in Mobile Malware Removal Help & Support
Hi JorgeBon, The site looks safe to me and no payloads were dropped. On Android you won't get the file injections or other buffer overflow type behaviors you will see with Window's browsers. Yes, typically an APK or app will need to be installed for the malware to get installed or dropped. There are no 'viruses,' as such, on Android. To protect yourself from apps being installed from a browser or some third party, ensure you have "Install from Unknown Sources', 'Install unknown apps' or similar wording disabled in Android Settings. -Armando -
Deep_logic, Unfortunately not, unless you can find a very good spam filter for Gmail service. This isn't an app or file issue, these events are created from spam emails similar to the Nigerian Prince or Hot Singles type of messages Gmail is flooded with. Google or any other email service that has this issue must fix. -Armando
-
Hello, These calendar events are created from Gmail spam, therefore Malwarebytes for Android cannot detect these as they come in. MBAM for Android is an app and file scanner and does not scan incoming Gmail. This must be a growing issue as Android Authority just published an article on how to remove these nasty events. https://www.androidauthority.com/google-calendar-spam-1022909/ Unfortunately, Google doesn't seem to be taking action on this behavior at this time, so our only recourse is to manually remove these and DO NOT click on the embedded links. Regards, -Armando
-
Hi Booterbotter, Thanks for bringing this to our attention and apologies for the late reply. It appears this app shares some characteristics of a lot of different malware out there. I would suggest if this developer wants to have a unique app they can use a unique digital certificate, that will help distinguish from any other developer's app. Regards, -Armando
-
Android App - Ransomware False Positive - Truple
a_Mbam replied to CamHart's topic in Malwarebytes for Android Support Forum
Hi Camhart, Thanks for reporting this behavior. Your app is likely being flagged as potential ransomware because of the elevated privileges it requests. Also are you side loading to install Truple? Do you get the same behavior if you install from the Play Store? In our tests we don't see your app being detected by Malwarebytes for Android when installed from the Play Store. Installation from outside the Play Store plus elevated privileges are red flags and as a security application we want to warn our customers that a suspicious app was installed and it should be reviewed. Regards, -Armando -
Trojan from Google Play Store - False Positive?
a_Mbam replied to ForeverRogue's topic in File Detections
Hi ForeverRogue, Thanks for bringing this to our attention, this is an FP and we have corrected the rule. The fix will be published in our next update coming later this afternoon. Regards, -Armando