Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

2 Neutral

About a_Mbam

  • Rank
    Elite Member

Recent Profile Visitors

26,827 profile views
  1. Hi JorgeBon, The site looks safe to me and no payloads were dropped. On Android you won't get the file injections or other buffer overflow type behaviors you will see with Window's browsers. Yes, typically an APK or app will need to be installed for the malware to get installed or dropped. There are no 'viruses,' as such, on Android. To protect yourself from apps being installed from a browser or some third party, ensure you have "Install from Unknown Sources', 'Install unknown apps' or similar wording disabled in Android Settings. -Armando
  2. Deep_logic, Unfortunately not, unless you can find a very good spam filter for Gmail service. This isn't an app or file issue, these events are created from spam emails similar to the Nigerian Prince or Hot Singles type of messages Gmail is flooded with. Google or any other email service that has this issue must fix. -Armando
  3. Hello, These calendar events are created from Gmail spam, therefore Malwarebytes for Android cannot detect these as they come in. MBAM for Android is an app and file scanner and does not scan incoming Gmail. This must be a growing issue as Android Authority just published an article on how to remove these nasty events. https://www.androidauthority.com/google-calendar-spam-1022909/ Unfortunately, Google doesn't seem to be taking action on this behavior at this time, so our only recourse is to manually remove these and DO NOT click on the embedded links. Regards, -A
  4. Hi All, This has been fixed, the fix will be in today's malware database v2018.04.03.01. Thanks for your patience. Regards, -Armando
  5. Hi DanteMwangi, Thanks for bringing this to our attention. We have adjusted detection for this app and fix will be in our Dec. 5, 2017 malware database update. Regards, -Armando
  6. Hi Booterbotter, Thanks for bringing this to our attention and apologies for the late reply. It appears this app shares some characteristics of a lot of different malware out there. I would suggest if this developer wants to have a unique app they can use a unique digital certificate, that will help distinguish from any other developer's app. Regards, -Armando
  7. Hi Camhart, Thanks for reporting this behavior. Your app is likely being flagged as potential ransomware because of the elevated privileges it requests. Also are you side loading to install Truple? Do you get the same behavior if you install from the Play Store? In our tests we don't see your app being detected by Malwarebytes for Android when installed from the Play Store. Installation from outside the Play Store plus elevated privileges are red flags and as a security application we want to warn our customers that a suspicious app was installed and it should be reviewed.
  8. Hi ForeverRogue, Thanks for bringing this to our attention, this is an FP and we have corrected the rule. The fix will be published in our next update coming later this afternoon. Regards, -Armando
  9. Hi plataxis and Rk_4894, I suspect those apps have malicious libraries embedded in them to load dynamically. This has become a big issue where devices come preinstalled with malicious apps and the apps cannot be removed using Android's uninstaller. These apps on your device should not be trusted, there are a few things you can do. - Disable the app – Can be done via Android Settings -> Apps -> bad app -> Force stop/disable This will prevent the app and any associated services from running. - Root your device and uninstall the malicious apps. Usually re
  10. Hi Quixotic1ca, Thank for reporting this to us. The information you provided doesn't tell us much about the detections. Could you provide a screen cap of the scan results or post what MBAMM detects these files as? This will help us determine if they are an FP or not. Regards, -Armando
  11. Hi Naiexcerth, Unfortunately with these system files you won't be able to uninstall without system privileges which would require rooting your device. Resetti--ng your device or installing a trusted ROM might be worthwhile if your current software images is preinfected. Regards, -Armando
  12. Hi Maheshgiri, Thanks for the update, I'm glad to hear you were able to get malicious apps removed. Regards, -Armando
  13. Hi Baldape, Based on those names nothing stands out as being malware. Are you still receiving these texts, this could also be a phishing attempt? Regards, -Armando
  14. HI SoLoM, This is an odd one for sure, one thing I can think of that might be happening is if your devices are synced to the same landing page. That page could have some rogue advertising that is causing these popups. I would suggest clearing out your browser history, its likely a cookie that keeps pointing to these URLs. If you sync your browsers with your desktop temporarily disable and cleanup the any potential infections—the bad URL could be replicating to your mobile device. Regards, -Armando
  15. Hi Nads, It sounds like your browser is setup to open to a certain page that has this redirection. Unfortunately or maybe fortunately this is not malicious app causing this but ads residing on the site. This is a browser related redirection, I would suggest clearing the cache/data for any browser you use Chrome, Samsung, etc. Regards, -Armando
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.