Android 5.1 Possibly Coming February 2015

Google released Android 5.0 just over a month ago, and since then Lollipop has been trying to … more

Double Tap to Wake on the Nexus 6 Without Root

A few weeks ago, we featured an app which allowed the Nexus 6 to regain the double tap to wake … more

Make Your Own Heat Sink for the LG Optimus 4X HD

Its not a rare occurrence that performing a resource heavy task on your Android device (e.g. … more

Learn How to Create an Old School Dialer

XDA is not only a great source for custom ROMs, kernels, and various modifications for numerous … more

Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

HTCMode = SMiShing app

OP docnok63

22nd February 2013, 08:55 AM   |  #1  
docnok63's Avatar
OP Senior Member
Flag Memphis, TN
Thanks Meter: 660
 
1,117 posts
Join Date:Joined: Nov 2012
More
Hey all,

There's been quite a few reports of people getting duplicate SMSes in the ViperDNA ROM thread. I think I have, unfortunately, found the cause. The other day, I got a SMS from someone not on my contact list/nor anyone I recognized at all. It was like spam email, but from SMS with a link to some site to boot. I brushed it off and just deleted the message. I was reading Android Police's new article on Android anti-virus apps. I was surprised to see my $15 Kaspersky app doing so poorly, so I uninstalled it and installed the #1 rated TrustGo. I did a scan and it found a "High Risk" threat in HTCMode. I followed the link provided by the app and, sure enough, Google has acknowledged the vulnerablility.

This vulnerability is being kept very close to Google's chest, so you don't find much about it doing a search for it. It certainly isn't getting a whole lot of press, but it's gotten some.

I tried to delete the app via TrustGo, but it failed. So went into Titanium Backup and froze the app and then was able to uninstall it. I've rebooted a couple times since uninstall and there doesn't seem to be any repercussions from getting rid of it. I highly recommend you do the same.

Just a heads-up. Protect your shiny DNA and your personal info/data,
Doc
Attached Thumbnails
Click image for larger version

Name:	2013-02-22-01-12-00[2].jpg
Views:	676
Size:	38.3 KB
ID:	1750852   Click image for larger version

Name:	2013-02-22-01-12-48[1].jpg
Views:	585
Size:	11.2 KB
ID:	1750853   Click image for larger version

Name:	2013-02-22-01-16-49[1].jpg
Views:	586
Size:	23.0 KB
ID:	1750854   Click image for larger version

Name:	2013-02-22-01-18-09[1].jpg
Views:	614
Size:	40.3 KB
ID:	1750855  
Last edited by docnok63; 22nd February 2013 at 10:10 AM.
The Following 8 Users Say Thank You to docnok63 For This Useful Post: [ View ]
22nd February 2013, 01:49 PM   |  #2  
Senior Member
Flag San Antonio
Thanks Meter: 16
 
152 posts
Join Date:Joined: Jun 2009
More
Quote:
Originally Posted by docnok63

Hey all,

There's been quite a few reports of people getting duplicate SMSes in the ViperDNA ROM thread. I think I have, unfortunately, found the cause. The other day, I got a SMS from someone not on my contact list/nor anyone I recognized at all. It was like spam email, but from SMS with a link to some site to boot. I brushed it off and just deleted the message. I was reading Android Police's new article on Android anti-virus apps. I was surprised to see my $15 Kaspersky app doing so poorly, so I uninstalled it and installed the #1 rated TrustGo. I did a scan and it found a "High Risk" threat in HTCMode. I followed the link provided by the app and, sure enough, Google has acknowledged the vulnerablility.

This vulnerability is being kept very close to Google's chest, so you don't find much about it doing a search for it. It certainly isn't getting a whole lot of press, but it's gotten some.

I tried to delete the app via TrustGo, but it failed. So went into Titanium Backup and froze the app and then was able to uninstall it. I've rebooted a couple times since uninstall and there doesn't seem to be any repercussions from getting rid of it. I highly recommend you do the same.

Just a heads-up. Protect your shiny DNA and your personal info/data,
Doc

Thanks for the heads up! I wonder why HTC is packing this junk in with their software.
22nd February 2013, 03:33 PM   |  #3  
docnok63's Avatar
OP Senior Member
Flag Memphis, TN
Thanks Meter: 660
 
1,117 posts
Join Date:Joined: Nov 2012
More
Quote:
Originally Posted by darkace

Thanks for the heads up! I wonder why HTC is packing this junk in with their software.

Perhaps HTC has nothing to do with this software and (as if they care) the developers are trademark infringing when they use it in the app. They merely use the HTC name to legitimize their software and make you think it should be on your phone (some Sense software.) I'm sure on the S3 it's called SamsungMode or TouchMode and tries to make it look like it's part of TouchWiz.

If HTC did create this software, then the SMiShers have just found a way to exploit a vulnerability in the software as they did with other brands. As the video and write-up details, this is not HTC-specific; but Android-wide.

http://www.youtube.com/watch?v=gLujaf0Y4-A
Last edited by docnok63; 22nd February 2013 at 03:44 PM.
22nd February 2013, 05:41 PM   |  #4  
Senior Member
Thanks Meter: 31
 
159 posts
Join Date:Joined: Nov 2012
Re: HTCMode = SMiShing app
I can not find the HTC Mode.apk on my DNA at all. Not with TB or root file explorer. I am s-off, Viper1.1.3, beat mode kernel and costum recovery.

Sent from my HTC6435LVW using xda app-developers app
22nd February 2013, 06:15 PM   |  #5  
hurtfuljeep's Avatar
Member
Thanks Meter: 31
 
97 posts
Join Date:Joined: Dec 2011
Re: HTCMode = SMiShing app
Thanks for the info. I wasn't aware of trustgo being rated #1.

Sent from my HTC6435LVW using xda app-developers app
22nd February 2013, 07:37 PM   |  #6  
docnok63's Avatar
OP Senior Member
Flag Memphis, TN
Thanks Meter: 660
 
1,117 posts
Join Date:Joined: Nov 2012
More
Quote:
Originally Posted by johnwaug

I can not find the HTC Mode.apk on my DNA at all. Not with TB or root file explorer. I am s-off, Viper1.1.3, beat mode kernel and costum recovery.

It might not be on your phone. It's in system/app if it is.

Quote:
Originally Posted by hurtfuljeep

Thanks for the info. I wasn't aware of trustgo being rated #1.

Neither was I until yesterday and I was quite pissed a free app outperformed one I paid $15 for. When it found the vulnerability my anger turned to humility and concern.
22nd February 2013, 10:48 PM   |  #7  
MicroMod777's Avatar
Recognized Contributor
Flag Los Angeles
Thanks Meter: 2,031
 
4,196 posts
Join Date:Joined: Apr 2010
Donate to Me
More
Re: HTCMode = SMiShing app
All it does is allows apps to send u fake spam texts. I get that type of junk anyways without this apps help.

On the DNA I think its the HTCModeClient.apk. I'm gonna remove it on my Rom today and see if my text work normal.

Sent from my HTC6435LVW using Tapatalk 2
23rd February 2013, 08:17 PM   |  #8  
.torrented's Avatar
Recognized Contributor
Flag Suffolk, VA
Thanks Meter: 1,477
 
2,789 posts
Join Date:Joined: Mar 2011
Donate to Me
More
Quote:
Originally Posted by MicroMod777

All it does is allows apps to send u fake spam texts. I get that type of junk anyways without this apps help.

On the DNA I think its the HTCModeClient.apk. I'm gonna remove it on my Rom today and see if my text work normal.

Sent from my HTC6435LVW using Tapatalk 2

my texting worked just fine when i removed it off of my phone
23rd February 2013, 10:03 PM   |  #9  
MicroMod777's Avatar
Recognized Contributor
Flag Los Angeles
Thanks Meter: 2,031
 
4,196 posts
Join Date:Joined: Apr 2010
Donate to Me
More
Re: HTCMode = SMiShing app
Quote:
Originally Posted by .torrented

my texting worked just fine when i removed it off of my phone

Mine seems fine also.

Sent from my HTC6435LVW using Tapatalk 2
24th February 2013, 06:39 AM   |  #10  
Jaggar345's Avatar
Senior Member
Flag Amston
Thanks Meter: 155
 
1,096 posts
Join Date:Joined: May 2012
More
Re: HTCMode = SMiShing app
So reading this seems really shady that they would do this. So I'm not rooted on this phone and I don't want to root because I enjoy this phone how it is. So obviously I can't freeze this so if I disable it, won't this be the same thing as freezing it?

Sent from my HTC6435LVW using xda app-developers app

Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes