FORUMS
Remove All Ads from XDA

[Guide]A few simple steps to avoid installing Malware

4,280 posts
Thanks Meter: 5,307
 
By justmpm, Retired Senior Moderator on 12th January 2015, 04:18 PM
Post Reply Email Thread
Everybody likes to have the latest and greatest on their devices and that typically means that you are downloading and installing a lot of extra goodies on your device. It is becoming increasingly common to have unwanted things delivered with whatever you are trying to install on your device. To be absolutely safe, you shouldn’t download anything that doesn’t come directly from your OEM and even that is no guarantee that extra “unwanted” stuff won’t end up on your device. These extra things may compromise your privacy or they may just bomb you with adware, either way here is a short guide to help you from installing malware.

1. Stay away from warez.
If someone is going to crack an app to save a little money, they probably can’t be trusted not to add a little bit of extra code designed to line their own pockets. The more warez on the website the more you should be worried about your download. The Google and Amazon app stores really care about their reputations, so they typically go to some effort to remove malware as soon as they find it. Same goes for xda, but you should still expect some malware to sneak through, but the problem is really much worse with the alternative App stores that don't care so much for their user base.

2. Pay close attention to what is being downloaded.
Check the name and the extension of what you downloaded, if they are wrong, then it is probably something you don’t want to install.
An increasing number of file hosts are trying to “trick” users into downloading windows or Mac Installers that typically deliver adware to your computer. If it ends in .exe or .dmg but you are expecting .apk or .zip then you should probably stay away. Please note that All-In-One tool kits and some other things may actually come with .exe, so just use your common sense. Similarly, many malware engines won’t flag adware because it is something that you have “chosen” to install, so it is probably a good idea to be careful with anything that even 1 or 2 malware engines flag as adware. Many file hosts have started offering more than one download link. A real link, for what you want, and then some fake links that take you to ads or provide you with unwanted malware rather than the file you want. Using an adblocker will help reduce these fake links, but again, just make sure what you end up downloading is what you really want. Asking to install a download accelerator, download manager, or pretty much any kind of update to get the download to work are common ploys to get you to download and install something you really don't want.
Example of fake download links:



3. Run a malware check on the download before installing it.
I prefer https://www.virustotal.com & http://sanddroid.xjtu.edu.cn/#home but there are plenty of other tools (see http://wiki.secmobi.com/tools:android_dynamic_analysis for a more thorough listing).

Virustotal uses a number of anti-malware engines to scan your file for known malware. The more tools that return a positive match the more likely it is that you have downloaded malware. If you downloaded something that can root your phone then in all likelihood some scanners will flag it as malware and those can be considered as false positives. Please be aware that just because an app is rated as clean, doesn’t mean that it really isn’t malware. Maybe it hasn’t been identified as malware yet or maybe the sandbox didn’t activate the malware parts of the app.

good: https://www.virustotal.com/en/file/d...is/1389439909/

bad: https://www.virustotal.com/en/file/5...29c1/analysis/

false positives from Rooting App:
https://www.virustotal.com/en/file/0...7d43/analysis/


Sanddroid is just for checking apps and will run them in a sandbox and then tell you about the behavior of your app.

good: http://sanddroid.xjtu.edu.cn/report?...A9767918B55037

bad: http://sanddroid.xjtu.edu.cn/report?...0B2F3F180AED8C
Please feel free to post any tips or tricks you have for avoiding malware and I will see about adding them here.

Please do not ask if something contains malware or not, if you are in doubt then don’t use install it, if it is something you found on xda and are worried about it, then report the post and a moderator will investigate it. The last thing we want is for people to accidentally green light something that is bad, it is your device so in the end it can only be up to you.
Attached Thumbnails
Click image for larger version

Name:	Slide1.jpg
Views:	17162
Size:	128.5 KB
ID:	3124330   Click image for larger version

Name:	Slide2.jpg
Views:	16486
Size:	129.7 KB
ID:	3124331  
The Following 39 Users Say Thank You to justmpm For This Useful Post: [ View ] Gift justmpm Ad-Free
 
 
12th January 2015, 04:18 PM |#2  
justmpm's Avatar
OP Retired Senior Moderator
Flag Jumpston Junction
Thanks Meter: 5,307
 
More
reserved
The Following 2 Users Say Thank You to justmpm For This Useful Post: [ View ] Gift justmpm Ad-Free
12th January 2015, 04:18 PM |#3  
justmpm's Avatar
OP Retired Senior Moderator
Flag Jumpston Junction
Thanks Meter: 5,307
 
More
reserved
The Following User Says Thank You to justmpm For This Useful Post: [ View ] Gift justmpm Ad-Free
12th January 2015, 06:33 PM |#4  
mosek's Avatar
Junior Member
Flag Warsaw
Thanks Meter: 19
 
More
Sometimes when viewing pages for adults some apps from such websites are downloading automaticly to my smartphone
The Following User Says Thank You to mosek For This Useful Post: [ View ] Gift mosek Ad-Free
13th January 2015, 08:52 AM |#5  
justmpm's Avatar
OP Retired Senior Moderator
Flag Jumpston Junction
Thanks Meter: 5,307
 
More
Quote:
Originally Posted by mosek

Sometimes when viewing pages for adults some apps from such websites are downloading automaticly to my smartphone

Try an adblocker....or maybe visit other sites
The Following User Says Thank You to justmpm For This Useful Post: [ View ] Gift justmpm Ad-Free
14th January 2015, 06:03 AM |#6  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by mosek

Sometimes when viewing pages for adults some apps from such websites are downloading automaticly to my smartphone

just deny the download request *facepalm*
14th January 2015, 07:53 AM |#7  
tzadkiel2's Avatar
Member
Flag Madrid
Thanks Meter: 1
 
More
To avoid the double extension, for example .apk.exe or.img.exe or .exe.exe
To verify the size of the unload before executing, for example waits 5mb and the size is of 247Kb to suppress directly and to look for another file, this what it will do yes is touched on him it will be a launcher impossible to stop executes and installing programs desinstalables needing of a complete formatting, I go five days to recover the computer for one of these for not realizing this and executing the file.
If the size of the download does not correspond with the size of the file very probably partner is going to go malware and it is enough to pulsate in order that it has not gone back

My English is terrible for what I have to help with an automatic translator
14th January 2015, 01:36 PM |#8  
dsunglao's Avatar
Junior Member
Flag Floridablanca
Thanks Meter: 4
 
More
Thank you for this guide.. And also I suggest others to install an adblock to avoid popups, viruses, malwares..
The Following User Says Thank You to dsunglao For This Useful Post: [ View ] Gift dsunglao Ad-Free
20th January 2015, 11:12 PM |#9  
Member
Thanks Meter: 22
 
Donate to Me
More
Quote:
Originally Posted by justmpm

Try an adblocker....or maybe visit other sites

This is what I have, I use adblock plus (for android) and MoaAB.

Probably only need one, but works for me.

Thanks for the info, all terrific points.
26th January 2015, 07:39 AM |#10  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by dsunglao

Thank you for this guide.. And also I suggest others to install an adblock to avoid popups, viruses, malwares..

really.? adblock (for android) can block viruses dan malwares..
26th January 2015, 08:00 AM |#11  
justmpm's Avatar
OP Retired Senior Moderator
Flag Jumpston Junction
Thanks Meter: 5,307
 
More
Quote:
Originally Posted by asandi

really.? adblock (for android) can block viruses dan malwares..

Yes and no. Adblockers typically don't scan downloads for adware or malware, but if a link is flagged by adblocker as containing adware then that link will be blocked. It isn't perfect, but in the end you are much less likely to download adware/malware if you are using an adblocker.
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes