HTCMode = SMiShing app

Search This thread
By:
Advanced…
docnok63

docnok63

Senior Member
Nov 22, 2012
2,176
2,581
Memphis, TN
Hey all,

There's been quite a few reports of people getting duplicate SMSes in the ViperDNA ROM thread. I think I have, unfortunately, found the cause. The other day, I got a SMS from someone not on my contact list/nor anyone I recognized at all. It was like spam email, but from SMS with a link to some site to boot. I brushed it off and just deleted the message. I was reading Android Police's new article on Android anti-virus apps. I was surprised to see my $15 Kaspersky app doing so poorly, so I uninstalled it and installed the #1 rated TrustGo. I did a scan and it found a "High Risk" threat in HTCMode. I followed the link provided by the app and, sure enough, Google has acknowledged the vulnerablility.

This vulnerability is being kept very close to Google's chest, so you don't find much about it doing a search for it. It certainly isn't getting a whole lot of press, but it's gotten some.

I tried to delete the app via TrustGo, but it failed. So went into Titanium Backup and froze the app and then was able to uninstall it. I've rebooted a couple times since uninstall and there doesn't seem to be any repercussions from getting rid of it. I highly recommend you do the same.

Just a heads-up. Protect your shiny DNA and your personal info/data,
Doc
 
Last edited:
  • Like
Reactions: uppon2, rfarrah, Jaggar345 and 5 others
D

darkace

Senior Member
Jun 16, 2009
175
59
Houston
docnok63 said:
Hey all,

There's been quite a few reports of people getting duplicate SMSes in the ViperDNA ROM thread. I think I have, unfortunately, found the cause. The other day, I got a SMS from someone not on my contact list/nor anyone I recognized at all. It was like spam email, but from SMS with a link to some site to boot. I brushed it off and just deleted the message. I was reading Android Police's new article on Android anti-virus apps. I was surprised to see my $15 Kaspersky app doing so poorly, so I uninstalled it and installed the #1 rated TrustGo. I did a scan and it found a "High Risk" threat in HTCMode. I followed the link provided by the app and, sure enough, Google has acknowledged the vulnerablility.

This vulnerability is being kept very close to Google's chest, so you don't find much about it doing a search for it. It certainly isn't getting a whole lot of press, but it's gotten some.

I tried to delete the app via TrustGo, but it failed. So went into Titanium Backup and froze the app and then was able to uninstall it. I've rebooted a couple times since uninstall and there doesn't seem to be any repercussions from getting rid of it. I highly recommend you do the same.

Just a heads-up. Protect your shiny DNA and your personal info/data,
Doc
Click to expand...
Click to collapse

Thanks for the heads up! I wonder why HTC is packing this junk in with their software.
 
docnok63

docnok63

Senior Member
Nov 22, 2012
2,176
2,581
Memphis, TN
darkace said:
Thanks for the heads up! I wonder why HTC is packing this junk in with their software.
Click to expand...
Click to collapse

Perhaps HTC has nothing to do with this software and (as if they care) the developers are trademark infringing when they use it in the app. They merely use the HTC name to legitimize their software and make you think it should be on your phone (some Sense software.) I'm sure on the S3 it's called SamsungMode or TouchMode and tries to make it look like it's part of TouchWiz.

If HTC did create this software, then the SMiShers have just found a way to exploit a vulnerability in the software as they did with other brands. As the video and write-up details, this is not HTC-specific; but Android-wide.

http://www.youtube.com/watch?v=gLujaf0Y4-A
 
Last edited:
J

johnwaug

Senior Member
Nov 24, 2012
197
44
I can not find the HTC Mode.apk on my DNA at all. Not with TB or root file explorer. I am s-off, Viper1.1.3, beat mode kernel and costum recovery.

Sent from my HTC6435LVW using xda app-developers app
 
docnok63

docnok63

Senior Member
Nov 22, 2012
2,176
2,581
Memphis, TN
johnwaug said:
I can not find the HTC Mode.apk on my DNA at all. Not with TB or root file explorer. I am s-off, Viper1.1.3, beat mode kernel and costum recovery.
Click to expand...
Click to collapse

It might not be on your phone. It's in system/app if it is.

hurtfuljeep said:
Thanks for the info. I wasn't aware of trustgo being rated #1.
Click to expand...
Click to collapse

Neither was I until yesterday and I was quite pissed a free app outperformed one I paid $15 for. When it found the vulnerability my anger turned to humility and concern.
 
J

Jaggar345

Senior Member
May 24, 2012
1,109
158
Amston
So reading this seems really shady that they would do this. So I'm not rooted on this phone and I don't want to root because I enjoy this phone how it is. So obviously I can't freeze this so if I disable it, won't this be the same thing as freezing it?

Sent from my HTC6435LVW using xda app-developers app
 
.torrented

.torrented

Senior Member
Mar 7, 2011
2,789
1,484
32
www.cyanfox-rom.com
Jaggar345 said:
So reading this seems really shady that they would do this. So I'm not rooted on this phone and I don't want to root because I enjoy this phone how it is. So obviously I can't freeze this so if I disable it, won't this be the same thing as freezing it?

Sent from my HTC6435LVW using xda app-developers app
Click to expand...
Click to collapse

Kinda sorta... cant hurt to do that
 
  • Like
Reactions: Jaggar345
You must log in or register to reply here.

Similar threads

B
  • Locked
HTC Droid DNA Bootloader Unlock/New Method UPDATED 2/7/2013
Replies
507
Views
314K
B
beaups
uppon2
[VERY EASY GUIDE] ADB/FASTBOOT/RECOVORY *FULL GUIDE* for flashing ROMs, Kernels, APKs
Replies
113
Views
464K
J
jon-e-o
drewX2
[ROM][03.23.13] CyanogenMod 10 on HTC DNA; Audio WIP)
Replies
871
Views
231K
Nowak4G
Nowak4G
B
[S-Off] Facepalm S-Off for HTC Devices - Droid DNA
Replies
840
Views
211K
M
MuhammadBilal
HQRaja
[ROOT][COMPLETE GUIDE]How To Root HTC Droid DNA
Replies
190
Views
212K
Maxy Mystikal
Maxy Mystikal

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 8
    docnok63
    docnok63
    Hey all,

    There's been quite a few reports of people getting duplicate SMSes in the ViperDNA ROM thread. I think I have, unfortunately, found the cause. The other day, I got a SMS from someone not on my contact list/nor anyone I recognized at all. It was like spam email, but from SMS with a link to some site to boot. I brushed it off and just deleted the message. I was reading Android Police's new article on Android anti-virus apps. I was surprised to see my $15 Kaspersky app doing so poorly, so I uninstalled it and installed the #1 rated TrustGo. I did a scan and it found a "High Risk" threat in HTCMode. I followed the link provided by the app and, sure enough, Google has acknowledged the vulnerablility.

    This vulnerability is being kept very close to Google's chest, so you don't find much about it doing a search for it. It certainly isn't getting a whole lot of press, but it's gotten some.

    I tried to delete the app via TrustGo, but it failed. So went into Titanium Backup and froze the app and then was able to uninstall it. I've rebooted a couple times since uninstall and there doesn't seem to be any repercussions from getting rid of it. I highly recommend you do the same.

    Just a heads-up. Protect your shiny DNA and your personal info/data,
    Doc
    View
    1
    .torrented
    .torrented
    Jaggar345 said:
    So reading this seems really shady that they would do this. So I'm not rooted on this phone and I don't want to root because I enjoy this phone how it is. So obviously I can't freeze this so if I disable it, won't this be the same thing as freezing it?

    Sent from my HTC6435LVW using xda app-developers app
    Click to expand...
    Click to collapse

    Kinda sorta... cant hurt to do that
    View

New posts