urmask

Cerberusapp for Android receives false positive

4 posts in this topic

Hi!

Android app:

Phone: LG Nexus 5 with Android 6.0.1

 

App versioninfo and falsepositive is seen on images I've attached. 

 

 

I have used Malwarebytes on my Nexus for a year or so, also Cerberus for a long time. This is the first time it gets this error.
I contacted Cerberus's support and they said it's a false positive. More info: https://www.cerberusapp.com/help.php?answer=22

 

I hope you can do something about it. Verify that it's a false positive and maybe remove it from future scan results?

All questions are warmly welcomed.

Urmas

post-198037-0-78389500-1453122590_thumb.

post-198037-0-21999300-1453122591_thumb.

post-198037-0-60383000-1453122591_thumb.

Share this post


Link to post
Share on other sites

Hi Urmask,

 

The Cerberus detection is warn people who might have it installed without their knowledge, apps like this can be used to spy or stalk people. It's classified as a PUP (Potentially Unwanted Program) and people who knowingly installed and are aware of its power can ignore the detection and add to MBAMM's scanner Whiitelist.

 

for reference http://www.npr.org/sections/alltechconsidered/2014/09/15/346149979/smartphones-are-used-to-stalk-control-domestic-abuse-victims

 

Regards,

 

-Armando

Share this post


Link to post
Share on other sites

With respect to all at Malwarebytes, I have to disagree.

 

Whilst I accept there are many users of Malwarebytes on their mobile devices who are not IT savvy, simply casting Cerberus as a PUP is unwarranted and potentially damaging to parties not limited to the creators of Cerberus exclusively.

 

We are a support company with a modest client base who we do our utmost to care for. We have received several questions over the detection of Cerberus via Malwarebytes recently. Because we care about our customers are recommend Cerberus to protect their device from theft and Malwarebytes to protect them from everything Malwarebytes covers. Most customers accept it's a false positive and exclude it from future detection, but some question our recommendation of Cerberus in the first place "because it's detected by Malwarebytes." As you can see, this has the potential to hurt both software houses, not because it's detected, but because it's detected without sufficient information for the average user to make an informed decision. A customer has a number of choices, including removal of one piece of software - either Malwarebytes or Cerberus. Personally I'd prefer they kept them both!

 

So how about a logical approach? Keep Cerberus as a PUP detection, but EXPLAIN it to the average user. All it would take is a small amount of text to be supplied with the detection (via a more info button or link) stating that Cerberus is not in itself malicious, but it potentially could be misused if installed unbeknownst to the devices owner. That's it! Problem solved and everyone is happy. What do you say MB folk? Can we call this a 'given'? 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.