Jump to content

mbam_mtbr

Staff
  • Content Count

    864
  • Joined

  • Last visited

Everything posted by mbam_mtbr

  1. Hi @Concerned_Citizen, Sounds like you've done some deep research on this. Which model was the phone? I assume you had the UMX (Unimax)? Yes, that sounds like the same behavior I observed for "CleanMaster" myself. Base64 and emulator/VM aware is also common among Android/Trojan.HiddenAds variants. These are also HiddenAds: com.concreteroom.thenorthpole-1.apk 26333a6d48deddd3305c07b5ee00bb6e com.democratizing.casualness-1.apk 82ecf170914d360992e230e0929fc0b8 com.spidmes.peaus-1.apk fde7346273d4561b306828615412899d There are many, many variants of Hidde
  2. Hi @cfowler, If you could sen an Apps Report, I can look further into this issue. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum. This allows our s
  3. Hi @gero242000, Android/Trojan.Rootnik.sno is a variant of Rootnik which has the ability to root mobile devices without user's permission. If you like to send an Apps report, we can see if your device was rooted and look more into the exact app causing this. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app wil
  4. Hi @Daboomie, Just looks like a website that is a phone directory in Dutch. Unless you agreed to install something, very low chances you infected yourself with anything. Nathan
  5. Hi @MitKit Anyway you could get me a screen shot of the Malware Database version, and the detection? Nathan
  6. Hi @MitKit, You can force the malware database to update in Malwarebytes for Android doing the following: In the upper-left corner of your screen, tap the Menu icon. Scroll down and tap Settings. Tap Other. Tap Force update. You can then check the malware database by: In the upper-left corner of your screen, tap the Menu icon. Scroll down and tap About. Tap the down arrow by App version. Nathan
  7. Hi @AndroidS9User, It just takes some time for it to propagate across all Google PLAY's servers. Nathan
  8. HI @RandomisedNameforHelp, So this is only happening on www.theguardian.com? @skeptical, is this only happening on www.theguardian.com as well? Are you using PC or Android? Nathan
  9. Hey @Yousif & Everyone, Thanks for bringing this to our attention. This issue has been resolved and will no longer be detected in future database versions. Thanks again, Nathan
  10. Hi @Irene2019, The version provided will no longer be detected in future database versions. Thanks again, Nathan
  11. Hi @Irene2019, Could you provide a Google PLAY link? We are having trouble finding ToTok on Google PLAY. Nathan
  12. Hi @smmi, Here's the Google PLAY link: https://play.google.com/store/apps/details?id=org.malwarebytes.antimalware What Android OS version are you running? Nathan
  13. Hi @Gummo, So are you wondering if BirdNET is spyware? It appears to be clean by our analysis. Nathan
  14. Hi @Baldape, In the case of StrandHogg, it is true that it's an exploit as @exile360 explained. However, it's an exploit coded within Android/Trojan.Bankbot which we do detect. So yes, in a round about way, we detect StrandHogg. Nathan
  15. Hi Everyone, Our dev team is looking into the file scanning issue, and should be resolved in our next release. @AndroidS9User, we are looking into the Galaxy Store issue as well. Nathan
  16. Hi @Jubbahey, The best option is the submit a ticket to support. They will be better able to assist you with this issue. Nathan
  17. Hi @Reveninc I was referring to the system update since you mentioned you updated to Android 10. Sorry I didn't make that more clear. Nathan
  18. Hi @Jubbahey, Do you recall what version of Malwarebytes this was happening on? Nathan
  19. Hi @AndroidS9User, Thanks for all the info! My analysis came from my own phone, a Pixel 2 on Android 10. Something weird is going on here, but I thought it was just not reporting the files being scanned in real-time. Here's a screen of my personal device after a scan. So did this start happening to you after the May update from Google as well? Could you create an official support ticket referencing this forum post? @Nameless27 Do you have a Samsung as well, and this started happening after the May update from Google as well? Thanks @Reveninc for already su
  20. Hi @dwight007, These types of ads are usually browser related. This is caused by the way most browsers handle redirections executed by javascript code. Most browsers don't do a great job of preventing these redirects, which also cause ad pop-ups. Advertising affiliates are aware of this, and exploit this weakness. Even if an advertising affiliate is shut down for using this exploit, they just come back with a different affiliate id and are right back at it. The best way to block these pop-ups are to try a different browsers, disable javascript, install a browser with ad bloc
  21. Hi @Gt-truth, Thanks for letting us know. We'll look into the issue. And I was going to suggest Malwarebytes > setting > upgrade to Premium, but it seems you already figured that out. 😀 It price should be $1.49 per month, or $11.99 per year Nathan
  22. Hi @Reveninc, Could do me a favor and post a screen shot AFTER the scan is done? After the scan is done it should show 'x' amount of files scanned. One way or another, be ensured that we ARE scanning files. Nathan
  23. Hi @RitaC, These types of ads are usually browser related. This is caused by the way most browsers handle redirections executed by javascript code. Most browsers don't do a great job of preventing these redirects, which also cause ad pop-ups. Advertising affiliates are aware of this, and exploit this weakness. Even if an advertising affiliate is shut down for using this exploit, they just come back with a different affiliate id and are right back at it. The best way to block these pop-ups are to try a different browsers, disable javascript, install a browser with ad blocking
  24. Hi @maksimog, Thanks for bringing this to our attention. We will re-analyze this APKs. Thanks again, Nathan
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.