
Virus detected popup on Android 6



I was browsing what appeared to be a legitimate site using Android 6,01, Chrome 54.0.2480.85. The phone has Malwarebytes, Kaspersky, and CCCleaner. Popups are blocked in Chrome. Java is enabled. I do not download any software except that arriving by system notification (and of course, MB, Kasp, and CCC). There aren't any apps listed that don't seem to be legit.  

 

A popup appeared saying "Your device is heavily infected" etc. Scans by MBytes and Kaspersky were negative. I flushed the cache to make sure not to visit the site again. So far, no more popups. 

 

What mechanism was likely used for this attack? Is there any additional software that might help block or detect such attacks? 

 

Thank you.  


  • 2 weeks later...

The mechanism is getting you to respond to the message. Usually, the only two appropriate responses are to close the browser or pull the battery. Assume there was also some: "click here to clean your device, cure cancer and make the world a better place all at the same time" button, and if you are unfortunate enough to click on it, it often proceeds to encrypt your phone and the ransomware payload has been delivered. You seem to have dodged the bullet, so congratulations. Recent and complete backups are also very useful. When in doubt, do not click. Used to be alleged pictures of the tennis player Anna Kournikova. The enticements vary over time. When in doubt, do not click.

Merry Christmas.


On 12/25/2016 at 2:04 PM, GeoNez said:

The mechanism is getting you to respond to the message. Usually, the only two appropriate responses are to close the browser or pull the battery. Assume there was also some: "click here to clean your device, cure cancer and make the world a better place all at the same time" button, and if you are unfortunate enough to click on it, it often proceeds to encrypt your phone and the ransomware payload has been delivered. You seem to have dodged the bullet, so congratulations. Recent and complete backups are also very useful. When in doubt, do not click. Used to be alleged pictures of the tennis player Anna Kournikova. The enticements vary over time. When in doubt, do not click.

Merry Christmas.

Thanks, GeoNez.   


  • 1 month later...
On 12/26/2016 at 2:34 AM, GeoNez said:

The mechanism is getting you to respond to the message. Usually, the only two appropriate responses are to close the browser or pull the battery. Assume there was also some: "click here to clean your device, cure cancer and make the world a better place all at the same time" button, and if you are unfortunate enough to click on it, it often proceeds to encrypt your phone and the ransomware payload has been delivered. You seem to have dodged the bullet, so congratulations. Recent and complete backups are also very useful. When in doubt, do not click. Used to be alleged pictures of the tennis player Anna Kournikova. The enticements vary over time. When in doubt, do not click.

Merry Christmas.

Very much thanks, actually sound info...........


On 12/14/2016 at 8:19 AM, JoelS said:

I was browsing what appeared to be a legitimate site using Android 6,01, Chrome 54.0.2480.85. The phone has Malwarebytes, Kaspersky, and CCCleaner. Popups are blocked in Chrome. Java is enabled. I do not download any software except that arriving by system notification (and of course, MB, Kasp, and CCC). There aren't any apps listed that don't seem to be legit.  

 

A popup appeared saying "Your device is heavily infected" etc. Scans by MBytes and Kaspersky were negative. I flushed the cache to make sure not to visit the site again. So far, no more popups. 

 

What mechanism was likely used for this attack? Is there any additional software that might help block or detect such attacks? 

 

Thank you.  

If a popup says your device is heavily infected and it's not from your antivirus or antimalware, ignore it, it's a scam.

