Jump to content

trojan.smspy.hy detection listed cannot be removed


Recommended Posts

My Mobile Malwarebytes notified me of an android/trojan.smspy.hy detection in /system/app/BasicSmsReceiver/BasicSmsReceiver.apk. When I select it and then the Delete button, however, Malwarebytes asks me if I want to uninstall the app and then fails to remove it when I confirm the removal.

I can't find anything about this detection via a search on Google or Malwarebytes.org. Is this a valid detection or possibly a false positive? If valid, what are my next steps?

Link to post
Share on other sites

I should add that I too am using a Nexus 7, and I updated to Lollipop within the last week, so maybe it's a false detection due to something on the Nexus 7 devices or Nexus devices running Lollipop?

Also, I have only installed Adobe Photoshop within the last couple of days, through the Google Play store, which Malwarebytes Mobile ok'd. So, I don't think that's the culprit, however, on Friday, I did update a number of apps through the Play store - Gmail, Google, Google Maps, My Fitness Pal, and some others.

Maybe those updates caused Malwarebytes to think I have an infection?

Bp1945 - did your Nexus do similar updates, to your knowledge?

Link to post
Share on other sites

I updated to Lollipop very recently too, and I have had updates in the last few days, though I didn't notice which apps were involved.  (I don't have Adobe Photoshop or My Fitness Pal so we can definitely rule those out as culprits.)   

 

I think you are right and this is going to turn out to be a false positive due to something added to our machines during a recent app update.

Link to post
Share on other sites

I can also report the same problem on two devices. A Nexus 7 (2013) LTE and a Nexus 7 (2012) HSPA.

 

Both recently updated to Lollipop and I do not recall installing any new apps lately, just updates to existing apps.

 

Malwarebytes recently reports the Trojan.SmsSpy.hy on both devices. I've since installed Bitdefender on both devices and that tells me that both devices are fine.

Link to post
Share on other sites

This issue is still being reported each time Malwarebytes Mobile scans on my Nexus 7. I'm guessing that since others have used additional scanners and come up clean, it's a false positive specific to the N7s running Android 5.0.2. All the same, can someone from Malwarebytes reply to this thread to confirm whether it's a false positive on our Nexus devices or whether we should just kick our devices back to factory to get rid of a legitimate infection?

Link to post
Share on other sites

I'm planning on white-listing this supposed infection.  It seems that the BasicSmsReceiver is what is says, an SMS receiver - yes folks, the Nexus 7 using Lollipop can actually receive text messages.   I don't think I've seen this documented, but it does work.

Link to post
Share on other sites

Hello Everyone,

 

In regards to this detection it is a false positive. We have updating our database and this should not happen anymore. Make sure to update your database on your phone and check to see if you are still seeing this.

Link to post
Share on other sites
  • 3 months later...

Yesterday MB found trojan.smsspy on my Nexus 7 (with mobile data, which I don't use, and running Android 5.1.1). Adding it to the MB Whitelist (Simple message receiver com.android.basicsmsrecever) gets it off my back, but clearly this is not the answer.

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.