FORUMS

IonVR Coming Soon, HTC M9 Dev Edition Gets Android 5.1 – XDA TV

The HTC M9 Developer Edition has received Android 5.1. That and … more

Android 5.1.1 Omni ROM For Motorola Xoom

Back in Feb 2011, the Motorola Xoom became the first device to be sold with Android 3.0 … more

CleanSlate Brings Fingerprint Scanner Mod to HTC One M9+

Work of XDA Recognized Developer tbalden, CleanSlate custom kernel for the HTC … more

Sunday Debate: Which Factors Caused HTC’s Woes?

Join us in a fun Sunday Debate on HTC’s situation. Come with your … more

[Q] Warning: Possible Chinese Trojan from coolapk.com

2 posts
Thanks Meter: 5
 
By pimpex.net, Junior Member on 28th February 2014, 02:17 PM
Post Reply Subscribe to Thread Email Thread
Hello,

I wanted to warn you of this website: coolapk.com. Certain apk files contain "additional" parts. In this case it was a part of VLC (Video Lan Client). After downloading an apk file and installing, all seems to be normal and the desired software is running. Under applications there are only the programs you know about. But after close look, you will find a hidden additional application under Settings/Apps/Show All at the bottom behind letter Z if showing within alphabetical order containing only chinese signs. It is already running, you can not deinstall it only force stop and deactivate is possible. The file size is shown as 4KB. After uninstalling the original app this still is keeped in your system. During the installation there was absolutely no sign of additional software attached. This device is not rooted and has OEM ROM. The machine I was using is Motorola (Enterprise Solutions) TC55 PN TC55BH-JC11ES, Android 4.1.2 Build 131013-SI-1800EN-01.45-15443J-4.1.2-user. I downloaded the apk files 24.02.2014 and the chinese software contains a following timestamp in the properties: 20131013.224458. This app has following rights granted: personal information (read all words attached to the dictionary, read contacts) and network communication (full network access). Attached is the screenshot of above mentioned hidden software (only app-info), perhaps a friendly user can help translate and tell what is it, because it's behaviour as far is not really trustworthy for me.
Contact me for additional questions (enterprise class units only).

regards + stay clean

Bogusz Schubert/pimpex.net
Attached Thumbnails
Click image for larger version

Name:	chin_IMG_1171s.JPG
Views:	396
Size:	43.5 KB
ID:	2605685  
Last edited by pimpex.net; 28th February 2014 at 02:26 PM. Reason: -
The Following 2 Users Say Thank You to pimpex.net For This Useful Post: [ View ]
 
 
28th February 2014, 03:03 PM |#2  
Junior Member
Thanks Meter: 0
 
More
thanks for the advice
14th March 2014, 10:07 AM |#3  
Junior Member
Thanks Meter: 0
 
More
I have that software on my TC55 as well. Oandbackup identifies it as com.android.inputmethod.pinyin, in other words the Chinese input from the AOSP, and the Chinese symbols in its name match the ones of the selectable alternative Chinese input under the "Language & input" settings. I have not installed anything from coolapk.com, only from F-Droid and Amazon. Are you sure this software came with VLC and was not there before? It might just be standard with the TC55.
20th March 2014, 04:00 AM |#4  
johnny grep's Avatar
Senior Member
Thanks Meter: 17
 
More
Quote:
Originally Posted by Elanguescence

I have that software on my TC55 as well. Oandbackup identifies it as com.android.inputmethod.pinyin, in other words the Chinese input from the AOSP, and the Chinese symbols in its name match the ones of the selectable alternative Chinese input under the "Language & input" settings. I have not installed anything from coolapk.com, only from F-Droid and Amazon. Are you sure this software came with VLC and was not there before? It might just be standard with the TC55.

I have that app installed on a Cisco Cius (Froyo!) as well, and am unable to uninstall it. I'd be surprised if this was malware.
20th March 2014, 06:05 AM |#5  
Bishal Pranto Roy's Avatar
Senior Member
Flag 2538′56.8145″N 8838′54.9646″E
Thanks Meter: 546
 
Donate to Me
More
Seriously??
I'll Keep It In Mind And Try Not To Let Chinese Have All My Data
9th June 2014, 01:29 PM |#6  
Senior Member
Thanks Meter: 90
 
More
Quote:
Originally Posted by pimpex.net

Hello,

I wanted to warn you of this website: coolapk.com. Certain apk files contain "additional" parts. In this case it was a part of VLC (Video Lan Client). ......

The app name in chinese means "Google's method to input chinese character by spelling". It is bad for sure to install an additional app in secret. But this input method app sounds innocent. In addition, how can you be so sure that the app sneaked in with VLC from coolapk?
On my TF101, I have a number of apks from coolapk. As far as I am concerted, It is good so far with coolapk, I have not found anything wrong yet.
Last edited by e154037; 9th June 2014 at 01:48 PM.
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes