Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,738,867 Members 41,547 Now Online
XDA Developers Android and Mobile Development Forum

[Q] Nexus 4 malware attack? Help please!!

Tip us?
 
muso_ed
Old
#1  
Junior Member - OP
Thanks Meter 0
Posts: 2
Join Date: Jan 2014
Default [Q] Nexus 4 malware attack? Help please!!

Hi All,
This is my first post on XDA and I hope that I'm posting in the right place!

I have a Nexus 4, 4.4.2 which has never been rooted. For what it's worth, I've always run AV software (Lookout from day 1, subsequently Kaspersky) and only downloaded from the Play Store. (I have always had 'Unknown Sources' unticked). I'm pretty careful with permissions.

In hindsight (a wonderful thing) things started shortly after one of the Kitkat OTA updates. Not absolutely sure which…
One evening, my lock screen clock suddenly showed my time as 3 hours ahead (i.e. Moscow: I'm in the UK) along with a rectangle giving my home time zone time. I googled the symptoms and it seemed widely reported so I just put it down to an update bug and carried on.

However, I've recently been having large, unexplained, data spikes in seemingly innocuous programs. Specifically, I had a 6GB spike attributed to Opensignal. I uninstalled Opensignal, but the data use continued, albeit on a smaller scale, reported in Data Usage as 'Removed Apps'. This was definitely data use *after* the program was removed: I altered the sliders to focus on the time after uninstall.

To be on the safe side, I gritted my teeth and performed a factory reset and altered my important passwords.

However, this is happening again.
'Removed App' data use has started increasing once more and have just had another large data spike attributed to, of all things, Kaspersky. Over 600MB in a day. All data is now turned off, but possibly too late?

Do I have to assume that the phone is well and truly hacked? If so, am I going to have to unlock and root the phone and side load a factory image from Google, or is there an easier route?

Many thanks in advance for any help.

Cheers,
Edward.
 
Berrydroidcafe
Old
#2  
Berrydroidcafe's Avatar
Senior Member
Thanks Meter 230
Posts: 1,021
Join Date: May 2011
Location: Cleveland Ohio - San Diego Ca
Quote:
Originally Posted by muso_ed View Post
Hi All,
This is my first post on XDA and I hope that I'm posting in the right place!

I have a Nexus 4, 4.4.2 which has never been rooted. For what it's worth, I've always run AV software (Lookout from day 1, subsequently Kaspersky) and only downloaded from the Play Store. (I have always had 'Unknown Sources' unticked). I'm pretty careful with permissions.

In hindsight (a wonderful thing) things started shortly after one of the Kitkat OTA updates. Not absolutely sure which…
One evening, my lock screen clock suddenly showed my time as 3 hours ahead (i.e. Moscow: I'm in the UK) along with a rectangle giving my home time zone time. I googled the symptoms and it seemed widely reported so I just put it down to an update bug and carried on.

However, I've recently been having large, unexplained, data spikes in seemingly innocuous programs. Specifically, I had a 6GB spike attributed to Opensignal. I uninstalled Opensignal, but the data use continued, albeit on a smaller scale, reported in Data Usage as 'Removed Apps'. This was definitely data use *after* the program was removed: I altered the sliders to focus on the time after uninstall.

To be on the safe side, I gritted my teeth and performed a factory reset and altered my important passwords.

However, this is happening again.
'Removed App' data use has started increasing once more and have just had another large data spike attributed to, of all things, Kaspersky. Over 600MB in a day. All data is now turned off, but possibly too late?

Do I have to assume that the phone is well and truly hacked? If so, am I going to have to unlock and root the phone and side load a factory image from Google, or is there an easier route?

Many thanks in advance for any help.

Cheers,
Edward.
I know you probably isn't going to like this, but for the most part, apps like Kaspersky and lookout does a lot of phoning home, thus use a lot of data. Some will say they are useless, but that's a judgment call. I have tried them but usually end up getting rid of them.

I don't know OpenSignal so I can't really speak on it. What's it used for?

Sent from my Nexus 7 (2013)
Blackberry Bold 9780 OS 7
HTC G2 (Desire Z) 4.4.2
LG Nexus 4 4.4.2
Asus Nexus 7 (2013) 4.4.2

Don't forget to hit the Thanks button if I helped in any way!

The Following User Says Thank You to Berrydroidcafe For This Useful Post: [ Click to Expand ]
 
badboy47
Old
(Last edited by badboy47; 12th January 2014 at 04:22 PM.)
#3  
badboy47's Avatar
Senior Member
Thanks Meter 721
Posts: 1,334
Join Date: Nov 2009

 
DONATE TO ME
no silly Malware are for Windows. You said Kaspersky? lol.... anyway seems like an app issue. I always enable > set mobile data limit to certain MB / GB. Try checking other apps aswell like (Google Plus, Facebook) disable auto photo sync.

To Factory Reset:
1. Backup your files from your sd card.
2. Download Nexus 4 4.4.2 (KOT49H) image from here.
3. Extract it using Winrar or 7zip.
4. Connect the Nexus 4 to your computer and run *Flash-all.bat*
5. Let it do its magic.
The Following User Says Thank You to badboy47 For This Useful Post: [ Click to Expand ]
 
muso_ed
Old
#4  
Junior Member - OP
Thanks Meter 0
Posts: 2
Join Date: Jan 2014
Quote:
Originally Posted by Berrydroidcafe View Post
I know you probably isn't going to like this, but for the most part, apps like Kaspersky and lookout does a lot of phoning home, thus use a lot of data. Some will say they are useless, but that's a judgment call. I have tried them but usually end up getting rid of them.

I don't know OpenSignal so I can't really speak on it. What's it used for?

Sent from my Nexus 7 (2013)
Hi,
Thanks for the reply.

Opensignal is a crowd-sourced mobile/wifi signal mapping app.
Can't post a link yet (only 1 post!) but if you Google it... Had it installed for ages and didn't use more than a few kB a day, as one would expect.

Really think it's something deeper than this, because programs are continuing to use data after uninstall and, although AV programs use a fair bit of data, half a gig for just definition updates seems silly.

Cheers.
 
Berrydroidcafe
Old
#5  
Berrydroidcafe's Avatar
Senior Member
Thanks Meter 230
Posts: 1,021
Join Date: May 2011
Location: Cleveland Ohio - San Diego Ca
Quote:
Originally Posted by muso_ed View Post
Hi,
Thanks for the reply.

Opensignal is a crowd-sourced mobile/wifi signal mapping app.
Can't post a link yet (only 1 post!) but if you Google it... Had it installed for ages and didn't use more than a few kB a day, as one would expect.

Really think it's something deeper than this, because programs are continuing to use data after uninstall and, although AV programs use a fair bit of data, half a gig for just definition updates seems silly.

Cheers.
My suggestion would be to wipe your dalvik, cache and at the extreme your data, but you're not rooted.

The AV app(s) does a lot more than check for definition updates. They also check out the websites that you visit as well. That could account for the data used.

I'm not aware of an app that could wipe the mentioned partitions without root. Maybe someone else might know?

Sent from my Nexus 7 (2013)
Blackberry Bold 9780 OS 7
HTC G2 (Desire Z) 4.4.2
LG Nexus 4 4.4.2
Asus Nexus 7 (2013) 4.4.2

Don't forget to hit the Thanks button if I helped in any way!

The Following User Says Thank You to Berrydroidcafe For This Useful Post: [ Click to Expand ]
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes