Jump to content

Recommended Posts

I'm having an issue with my UMX android phone with some sort of adware virus I believe. I use Google Chrome as my main browser and for the last few months, when I click on Google Chrome and even when I'm not using Google Chrome it redirects me to weird websites like hastopic.com and weekhot.codeblogbt.com and random apps like ThemeLightBlue or YourTube that hijack my phone screen with some sort of Tarot game. This also makes my phone run really slow. I've cleared all chrome history and data and factory reset my phone 3 times. Each time I factory reset it, it starts doing the same thing ranging from between 3 days to a few hours. After the most recent factory reset it changed my home tab on android to something like gdd news. I've had Malwarebytes installed, it doesn't even detect YourTube as malware and says it's safe even though I didn't install it and it's not listed in the app store. These apps also try and disguise themselves as system apps. As I'm typing this an app on my phone popped up called Jungle Treasure which is actually on the Google Play app store but I did not confirm installation for. 

Screenshot_20201101-144820.png

Link to post
Share on other sites
  • Staff

Hi @ScciVcci,

If you could send me an Apps Report, I can look further into this for you.

To send an Apps Report with Malwarebytes for Android use the following instructions.

1. Open the Malwarebytes for Android app.

2. Tap the Menu icon.

3. Tap Your apps.

4. Tap three lines icon in upper right corner.

5. Tap Send to support

Choose an email app to send Apps Report.

Your email app will open with the Apps Report included.

At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum.  This allows our support staff to know where to direct it.

By sending the Apps Report, you will create a ticket in our support system.

Private Message (PM) me the email used and/or the ticket number assigned.

Nathan

Link to post
Share on other sites

I'm also having this issue (also on a UMX phone)- Android keeps installing Yourtube even after a factory reset and then I end up with popups to tarot card games.  Malwarebytes scans the app and finds no problems. 

I did have these issues before after initially receiving the phone and I suspected the malware was embedded in the firmware itself, but a firmware update seemed to remove the malware and fix the issue (I've gone months without the problem).  There was a firmware update relatively recently, I can't think of any other reason for it to suddenly start up again. 

Screenshot_20201104-104611.jpg

Screenshot_20201104-105229.jpg

Link to post
Share on other sites
  • 3 weeks later...

I am having the exact same problem with the exact same phone through Assurance Wireless. Came after the last firmware update. Phone is basically unusable at this point, and they could care less. I also have a friend with same phone through Assurance, exact same problem. So much for Lifeline...

Link to post
Share on other sites

My phone also became an unusable brick after a week or so, it constantly locked up and failed to respond. 

The solution I've found for now is to do a factory reset, then keep wifi and data off as much as possible and avoid updating anything just in case.  No malware has become active yet and I can use the phone for SMS messages and calls at least.  It seems like it's the wifi in particular that is important to keep off, I've left data on for a few hours at a time for things like my driving app and nothing bad has happened yet. 

Link to post
Share on other sites
  • Staff

Hi @Chipperbad,

If you could send me an Apps Report as well (instructions in my post above) that would be super helpful!  It sounds like UMX and the Settings app is at it again: https://blog.malwarebytes.com/android/2020/01/united-states-government-funded-phones-come-pre-installed-with-unremovable-malware/

I have been looking into this for awhile now, and even have a UMX test phone.  Unfortunately, I haven't been able to reproduce what everyone is seeing myself.  However, if I have enough proof that the Settings app is indeed causing issues again, I'll go ahead and add a detection.

Nathan

Link to post
Share on other sites

Same exact issue as everyone else, since September/October 2020. Factory resets, system updates, nor security patches helped me.

My solution. AVG detects it and disabling Google Play Store keeps it off. Everytime I enable GPS, [they] come back. 

Assurance phone, the rest is in the screenshot. Best of luck.

Screenshot_20201129-154825.thumb.png.ec907c27ce2b4da4a361d39a8e1f6eaa.png

 

Link to post
Share on other sites

Hi @mbam_mtbr

I have been experiencing the same issues as the others, also using a UMX phone. Had the device for appr. 2 yrs., no issues. This started about a month or 2 ago. Beginning with the device running super slow, then strange little characters running across any screen I was on. Really weird. Finally I decided to try Malwarebytes; I wasn't aware there was a version for Android, but have used the software on Windows PCs for years. Found the same as mentioned above, the tarot card thing, some other game site, YourTube kept installing itself (after being uninstalled); now it's either the 'connect app' (all lower case) or most often, 'Android/Trojan.HiddenAds.OBJS.

Very troubling indeed, particularly when I'm away from home and / or need to use my GPS app. All I get is a frozen phone, restart (sometimes after having to remove the battery to power off!) and MBytes finds & deletes the shenanigans, only to have it reinstall & the device is frozen again, etc. etc. etc. Thanks a bunch, Assurance Wireless! A**holes! Here's hoping you can help eliminate this mess! Thanks for your time.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.