Jump to content

False Positive cheftak.apk

m_androiddev
 Share

Recommended Posts

m_androiddev

m_androiddev

Posted
Posted
Hello
We produce an application called cheftak and malwarebytes founds that as a Trojans on our client’s phones.
photo5854782208705934606.jpg.1e13e7a45fb64f552d4583564ec80062.jpg
apk file uploaded to virustotal and No engines detected this file. ("https://www.virustotal.com/gui/file/e658b56fbac942dae97ecb5e7849003e8ad3f760fbc782a959b1bc88e66611f6/detection").
Cheftak has high qualities and it's safe to other antivirus apps but unfortunately there is a problem.
Cheftak is similar to apps like applock and we used our ideas and considering copy rights rule in our app.
We are young developers and have developed this app for 2 years and this problem cause a financial
dissater for us just because of 10,000 uninstall of our app.
Cheftak is available at café bazar app with below address:
https://cafebazaar.ir/app/com.cheftak?l=en
We were attach the app(cheftak.zip) for you and have hope for your coresponding answer as soon as possible.
 
 
 
 
 
 
Link to post
Share on other sites
m_androiddev

m_androiddev

Posted
  • Author
Posted
4 hours ago, mbam_mtbr said:

HI @m_androiddev,

Thanks for bringing this to our attention.  This issue has been resolved and will no longer be detected in future database versions.

Thanks again,

Nathan

thank you very much.
We tested the application again. But unfortunately, he still knows Chaftak as a trojan. When will this problem be fixed on android phones?

Link to post
Share on other sites
  • Staff
mbam_mtbr

mbam_mtbr

Posted
  • Staff
Posted

Hi @m_androiddev,

The change is in Malware Database 2021.02.15.01:

Screenshot_20210216-093050.thumb.png.76b431b7340d08203bb36c17da488298.png

If you are not on this version, I would try to force an update: Manually update database in Malwarebytes for Android

If you're referring to the Ransomware detection, there isn't anything we can do about that.

Screenshot_20210216-093252.thumb.png.b8516063984f38d8fa436b3defd5381f.png

This warning is from our advanced ransomware scanner.  Apps that have elevated privileges and that have been installed using side loading (anything installed outside of Google Play) are flagged as potential ransomware.

Installation from outside the Play Store plus elevated privileges are big red flags. Therefore, we warn our customers that a suspicious app was installed that displays ransomware like properties. It’s up to the user to ignore our warnings or not.

Ransomware is particularity dangerous, and this warning gives users the ability to cut it off before it’s too late.

Thanks for reaching out,

Nathan

  • Like 1
Link to post
Share on other sites
  • Staff
mbam_mtbr

mbam_mtbr

Posted
  • Staff
Posted
16 hours ago, m_androiddev said:

Thank you @mbam_mtbr

Ransomware detection is displayed for the cheftak.apk. But for another application that has not been downloaded from  Play Store and does not even exist in it, There is no problem .We will attach the screen and the scanned file dordaneh_V15_Final.zip for review. Thanks for explaining this.

Screenshot_20210217-002633_Malwarebytes.jpg.86cffd62df49a6e093001ec11df58fcf.jpg

This is because dordaneh_V15_Final doesn't elevated privileges.  Thus, it's not a threat of being ransomware.

Nathan

  • Thanks 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept