{"id":7127,"date":"2017-03-27T09:10:18","date_gmt":"2017-03-27T17:10:18","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/03\/27\/news-918\/"},"modified":"2017-03-27T09:10:18","modified_gmt":"2017-03-27T17:10:18","slug":"news-918","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/03\/27\/news-918\/","title":{"rendered":"Mobile Menace Monday: Preinstalled adware and sometimes worse"},"content":{"rendered":"

Credit to Author: Nathan Collier| Date: Mon, 27 Mar 2017 16:00:52 +0000<\/strong><\/p>\n

BLU manufactured mobile devices have been\u00a0discovered with preinstalled adware known as Android\/Adware.YeMobi.<\/p>\n

Behavior of YeMobi<\/h3>\n

The incriminating behavior of adware YeMobi is its ability to launch the default browser on a mobile device and use it to display ads. There is an unusual element to this as well\u2014it only displays ads while the Google Play<\/em> store app is running. \u00a0As seen in the code below, if com.android.vending <\/em>(the Google Play store app) is active, activity MessageLoadDetail<\/em> is loaded. \u00a0Activity\u00a0MessageLoadDetail<\/em> then goes onto to display ads.<\/em><\/p>\n

\"\"<\/p>\n

The rise of preinstalled malware<\/h3>\n

Buying a new phone only to find it comes preinstalled with adware or even more dangerous malware is frustrating.\u00a0 Trust us, it\u2019s just as frustrating not being able to remove these apps for our customers.<\/p>\n

With the\u00a0ease of selling online, Android devices re-imaged with custom ROMs(\u201cRead-Only Memory\u201d) containing preinstalled shady\/malicious apps are starting to appear more and more on the online marketplace. \u00a0Sellers can easily re-image an Android device with a custom ROM which replaces the default operating system\u2014typically stored in read-only memory. Sellers then turn around and sell these devices for cheap online.<\/p>\n

Just like when installing apps, it\u2019s important to buy your mobile device from trusted sources.\u00a0 Avoid buying devices online from untrusted\u00a0sellers\/stores; even if the price is hard to pass up.<\/p>\n

Disabling YeMobi and other preinstalled apps<\/h3>\n

In order to keep essential operating system apps from being removed on Android devices, you cannot <\/strong>uninstall preinstalled apps. However, you can disable some preinstalled apps\u2014like Adware YeMobi. Simply go into settings > apps, find the YeMobi app, open its settings, and disable it via the Disable <\/em>button.<\/p>\n

Finding preinstalled malware on your device can be tricky\u2014a mobile scanner can assist with finding them for you. Malwarebytes Anti-Malware Mobile<\/a> detects Adware YeMobi along with other preinstalled malware\u00a0and can be found for FREE on Google Play<\/a>.<\/p>\n

As always, stay safe out there!<\/p>\n

The post Mobile Menace Monday: Preinstalled adware and sometimes worse<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Nathan Collier| Date: Mon, 27 Mar 2017 16:00:52 +0000<\/strong><\/p>\n\n\n\n
<\/a><\/td>\n<\/tr>\n
BLU manufactured mobile devices have been discovered with preinstalled adware known as Android\/Adware.YeMobi.<\/p>\n

Categories: <\/p>\n