Received a bunch of Lookout Detected Threats

mindfulness

Member
Nov 17, 2013
11
5
I'm running MOAR v6.0 MD4 (Android 4.1.2) on Sprint GS3. I never received any alerts from Lookout before, but today it reported 15 riskware alerts:

com.android.phone
com.mythtrandyr.inkeffectsettings
com.lidroid.settings
com.sonyericsson.lockscreen.uxpnxt
com.jy.iconchanger.ad
de.robv.android.xposed.mods.appsettings
com.asushi.livewallpaper.mytree
com.monotype.android.font.XDAFONTS
com.android.launcher
de.robv.android.xposed.installer
com.android.flashblink
com.sec.android.mimage.photoretouching
com.koo.lightmanager
com.android.lmt
com.lidroid.sgs.secretcode

All have a classification of: Riskware.Android.CompromisedKey.a.

Should I be alarmed, or is this likely a problem with a definition update from Lookout?
 

mindfulness

Member
Nov 17, 2013
11
5
Great support from the Lookout guys, as I emailed them and they replied right away. Here's what they said. I should be okay:

The reason we have flagged this app as 'Riskware' is due to a special key that this particular developer used when publishing the app. The key is normally a private piece of information that we use to determine if an app is authentic, and to identify the developer. In this particular situation, the developer chose to use a key that has been widely distributed on the internet or has been compromised.

This makes it impossible for us to validate the app and its authenticity. Therefore, we are not calling these apps malware, but we recommend that users not install apps like this because it is inherently more risky (hence the "Riskware" assessment).

If you as a user understand the risk and still decide to trust the app, feel free to ignore the warning.

We have also been seeing some device manufacturer preinstalled apps also being flagged as 'Riskware' for the same reason. These apps are unable to be uninstalled and we please ask that you ignore the warning if it is an app that came preinstalled on the device. We have reached out to these developers to make the proper changes.

Thanks for using Lookout!

David,
The Lookout Team
 

worstenbrood

Senior Member
May 14, 2008
1,069
1,417
OnePlus 7 Pro
What effect will this have on CM builds, because they are using publicly available keys (https://github.com/CyanogenMod/android_build/tree/gingerbread/target/product/security) to sign?
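
An added example, not part of any post in this thread and not Lookout's code: a minimal sketch of the kind of check described in the reply above, which compares each app's signing-certificate digest against a denylist of certificates whose private keys are public. It assumes the input is text in the format printed by `apksigner verify --print-certs`; the digests, the denylist entry and the `com.example.*` packages are constructed placeholders.

```python
import re
from collections import defaultdict

# Constructed placeholder, NOT a real fingerprint. A real denylist holds the
# SHA-256 digests of signing certificates whose private keys are public.
PUBLIC_KEY_CERTS = {"aa" * 32: "placeholder: widely distributed signing key"}

DIGEST_RE = re.compile(
    r"^Signer #\d+ certificate SHA-256 digest: ([0-9a-f]{64})\s*$", re.M | re.I)

def signer_digests(print_certs_text):
    """Pull signer SHA-256 digests out of `apksigner verify --print-certs` text."""
    return [d.lower() for d in DIGEST_RE.findall(print_certs_text)]

def classify(reports):
    """Map each package in {package: print-certs text} to a verdict string."""
    verdicts = {}
    for pkg, text in reports.items():
        digests = signer_digests(text)
        if not digests:
            verdicts[pkg] = "unknown: no signer digest found"
        elif any(d in PUBLIC_KEY_CERTS for d in digests):
            verdicts[pkg] = "riskware: signed with a publicly known key"
        else:
            verdicts[pkg] = "ok: signer not on the denylist"
    return verdicts

def by_signer(reports):
    """Group packages by signer digest; a shared key looks like one developer."""
    groups = defaultdict(list)
    for pkg, text in sorted(reports.items()):
        for d in signer_digests(text):
            groups[d].append(pkg)
    return dict(groups)

def _cert(digest):  # builds constructed sample output for one signer
    return ("Signer #1 certificate DN: CN=Constructed Sample\n"
            f"Signer #1 certificate SHA-256 digest: {digest}\n")

# Constructed input: two package names from the first post, two hypothetical.
SAMPLE = {
    "com.android.phone": _cert("aa" * 32),
    "de.robv.android.xposed.installer": _cert("AA" * 32),
    "com.example.notes": _cert("0123456789abcdef" * 4),
    "com.example.broken": "DOES NOT VERIFY\n",
}

if __name__ == "__main__":
    for pkg, verdict in classify(SAMPLE).items():
        print(f"{pkg}: {verdict}")
```

Grouping by signer shows why unrelated packages end up with the same classification: once they share one key, the signature no longer distinguishes their publishers.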
 
