Need help May I ask a question??

Linca09
edited January 25 in Mobile Security

I have downloaded and installed this app/game, but the problem is that it doesn't have an icon like usual; it uses only the default Android icon, not the actual icon.

I don't know if the developers didn't add it or don't know how to add it, but after I downloaded it the Bitdefender Mobile Security app didn't show any warning of the app being malicious. I also scanned it before I installed it but didn't get any warning.

Usually the app itself automatically scans an app after it is installed. After I installed it, it said the same thing as when you install an app from the official store, like it's secure or whatsoever. I know this seems stupid, but I hope the devs will answer my question.

This is how the icon looks like


Best Answers

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited January 25 Answer ✓

    The app may or may not be malicious.

    If you believe that a website or file is not detected by Bitdefender as malicious or phishing, kindly report it to our malware research team using the forum provided at the link below: https://www.bitdefender.com/consumer/support/answer/29358/

    If the website or file is indeed malicious or phishing, detection will be added within a maximum of 72 hours. However, if no detection is available even after 72 hours, kindly consider the website or file as safe, as determined by our malware researchers, and no detection will be created for them.

    Also, you can download the VirusTotal app from the provided link (https://play.google.com/store/apps/details?id=com.funnycat.virustotal&hl=en&gl=US) to check your entire Android operating system and see if all the apps are clean or if any app is detected as malicious by different anti-malware vendors.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited February 2 Answer ✓

    This forum can only help you with Bitdefender products. For assistance with products from other vendors, kindly contact their support.

    TrendMicro support: https://helpcenter.trendmicro.com/en-us/contact-support/

    Fortinet support: https://www.fortinet.com/support/contact

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

Answers

  • Sir Felix, may I ask: when I downloaded the VirusTotal app from the link you gave me and made a quick scan, the app detected 6 suspicious malware on my system Settings app.

    I don't know if it's really real/legit or just a false alarm. I hope you can help me with this, since deleting a system Settings app has a big impact on a phone.

    (Now my problem has taken a turn for the worse, hahahaha)

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited January 25

    @Alexandru_BD, @agozob From the VirusTotal app, it seems that the Settings app is detected as malicious by Bitdefender, Avira, and Norton. The thing is that the detected settings file is an inbuilt Android OS file, and hence there will be no option to remove it. Also, the same cannot be sent to malware researchers. Any thoughts here?

    What is concerning me is that, while creating detection, did the Bitdefender malware researchers not know that it is a system file? And how did they get access to the Android OS system file in the first place?

    Kindly check if you can help here.

    Additionally, @Linca09 Can you click on the information bar and share the hash (MD5 or SHA256) here (in written format)?

    I guess the only way to remove the detection will be to share the hash of the app with the malware research team to get the detection removed.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Sure, no problem, sir Flexx. Here's the hash of the app. SHA256: ddce42bd535400a2a0591b39b365e4d8fcb23c68ace431ae36744cd14f83355c

    And the MD5: 7487cedc28cbab382e846d1808c5a878

    Ty and God bless, good sirs

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    Got it; below is the VirusTotal link for the same:

    https://www.virustotal.com/gui/file/ddce42bd535400a2a0591b39b365e4d8fcb23c68ace431ae36744cd14f83355c

    @Alexandru_BD, can you share the above stated virustotal link with malware researchers and ask them to promptly remove the detection? Kindly provide an update on the resolution here.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Thank you good sirs I will wait for your update here

  • Hello,

    Regarding the original question, the app is most likely a repack and simply has no icon, but that doesn't mean it's necessarily malicious, especially since it doesn't display any detection on virustotal. However, we do not advise anyone to download such applications. Although the Settings app appears to be detected, it looks more like something generic, so I think it's most likely false positives. The sample has been forwarded to the anti-malware researchers for a deeper analysis nevertheless.

    @Linca09 can you tell us what type of mobile device you have?

    And the reason why Bitdefender didn't alert you about the application is that it doesn't scan system applications, precisely on the principle that there is no way for them to be infected in the first place and if they are, then the phone was purchased from a doubtful source or it was sketchy from the very beginning. There are a lot of copycats and shady mobile brands out there, so it's recommended to stick to a reputable brand.

    Regards,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user

  • Thank you for your response, Alexandru sir. About the app that has no icon: I've uploaded it to the VirusTotal site to scan it further but didn't get any signs of the app being malicious. I also did the scan 3 or 4 times, and the same goes for the Bitdefender app and the App Anomaly scan feature of Bitdefender; same thing, they didn't detect anything.

    About the type of device I use, I'm using an Infinix Smart 7. Hope you fix this, and God bless y'all

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    @Alexandru_BD I am confused because the 'Settings' app is a system app, so how did Bitdefender for Android scan it?

    Additionally, ESET has also started detecting the app as having spy.banker (apps that spy on Android devices using overlay screens to obtain information about the victim’s financial apps. They can also control the device screen, forward incoming calls on the victim’s device, and inject banking URLs)

    @Linca09 I guess you will have to report this app to your mobile manufacturer to get this resolved.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • I see. Well, I hope this was just a false alarm, since the app that I have a suspicion about has no malware detected on it despite the fact that it has no icon

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    After reporting the Settings app to ESET, they have removed the detection, but for Bitdefender it is still pending.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Thank you, sir Flexx, I'll be waiting.

  • Good sirs, I've waited for 72 hours regarding the link that I sent to your malware research team of where I downloaded the app, but didn't receive any detection mail from them. So basically the link is safe?

    Also, about the system Settings application that has 6 malware: do you have an update on whether the detections really are positive or not? I've scanned it with other popular antivirus apps like ESET, AVG Antivirus and Kaspersky, but they didn't detect anything malicious on my phone.

    Ughhh, I'm really worried since 6 detections is quite troublesome. Please make an update as soon as you can, good sirs.

  • Also, this is quite confusing. I tried to scan with both the VirusTotal app and site, but they both seem to have different results. The app version detected 6, which is the same as usual, while the site detected 4. Any thoughts here, good sirs? And I'm sorry for asking too many questions, because you know I'm quite worried about this.

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    @Alexandru_BD will get back to you in some time, since he is an employee of Bitdefender and has more access to stuff.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Ah, I see. Thank you, sir Flexx; as usual, I'll be waiting.

  • Hi @Linca09,

    These are still being processed.

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user

  • Thank you, Alexandru sir; as usual, again I'll be waiting.

  • Hello @Linca09,

    Just a quick update here. The security researchers concluded that the app is legitimate, there was a generic false alert which was recently removed.

    It took a while to analyze the detection in-depth, because samples like that are quite convoluted and the researchers had to make sure that everything was O.K.

    Thank you for your patience.

    Regards,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    The detection has been removed, as you can check at the below-stated VirusTotal link:

    https://www.virustotal.com/gui/file/ddce42bd535400a2a0591b39b365e4d8fcb23c68ace431ae36744cd14f83355c

    You can again run a scan with virustotal app on your device.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Thank you very much, sir Flexx and sir Alex and the rest of the researchers.

    Anyway, as you can see, I ran a quick scan in the VirusTotal app and the VirusTotal link, and it seems like some of the detections have been removed, and I'm really truly grateful for that.

    Now, as you can see, there are still these 2 AV reports that have not been removed yet: Alibaba, which still detects a trojan spy, and SymantecMobileInsight, which also still detects apprisk, as seen in the photo above.
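Added example (not part of the thread, and not Bitdefender's or VirusTotal's code): the rescans described above can be compared engine by engine. It assumes two snapshots shaped like the `last_analysis_results` object of a VirusTotal API v3 file report; the verdicts and labels are constructed, and an engine that timed out on the rescan is reported separately rather than counted as a removed detection.

```python
# Categories as used in VirusTotal API v3 `last_analysis_results` entries.
FLAGGED = {"malicious", "suspicious"}
CLEAN = {"undetected", "harmless"}

# Constructed snapshots (engine -> verdict); labels are invented placeholders.
EARLIER = {
    "BitDefender": {"category": "malicious", "result": "Constructed.Generic.A"},
    "Avira": {"category": "malicious", "result": "Constructed.Gen"},
    "Symantec": {"category": "malicious", "result": "Constructed.Risk"},
    "ESET-NOD32": {"category": "malicious", "result": "Constructed.Spy.Banker"},
    "Alibaba": {"category": "malicious", "result": "Constructed.TrojanSpy"},
    "SymantecMobileInsight": {"category": "suspicious", "result": "Constructed.AppRisk"},
}
LATER = {
    "BitDefender": {"category": "undetected", "result": None},
    "Avira": {"category": "timeout", "result": None},
    "Symantec": {"category": "undetected", "result": None},
    "ESET-NOD32": {"category": "undetected", "result": None},
    "Alibaba": {"category": "malicious", "result": "Constructed.TrojanSpy"},
    "SymantecMobileInsight": {"category": "suspicious", "result": "Constructed.AppRisk"},
}

def flagged(results):
    """Return {engine: label} for engines that flagged the file."""
    return {e: v.get("result") for e, v in results.items()
            if v.get("category") in FLAGGED}

def compare(earlier, later):
    """Classify each engine's change between two analysis snapshots."""
    before, after = flagged(earlier), flagged(later)
    cleared, no_verdict = [], []
    for engine in before:
        if engine in after:
            continue
        category = later.get(engine, {}).get("category")
        # Only an explicit clean verdict counts as a removed detection;
        # a timeout, failure or missing engine says nothing either way.
        (cleared if category in CLEAN else no_verdict).append(engine)
    return {
        "cleared": sorted(cleared),
        "remaining": {e: after[e] for e in sorted(before.keys() & after.keys())},
        "new": sorted(after.keys() - before.keys()),
        "no_verdict": sorted(no_verdict),
    }

if __name__ == "__main__":
    for key, value in compare(EARLIER, LATER).items():
        print(f"{key}: {value}")
```
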

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited February 1

    No one cares whether Alibaba detects it or not; I've never heard of this antimalware vendor.

    As far as Norton/Symantec goes, you can share the same with them via the below-stated links

    https://submit.norton.com/

    https://symsubmit.symantec.com/

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Alexandru_BD
    Alexandru_BD admin
    edited February 1

    Hello @Linca09,

    You are most welcome, I'm glad we could help.

    In regards to the remaining detections, we can't influence what other vendors detect, so this needs to be addressed by the respective entities. The Bitdefender security analysts looked over the samples and they concluded everything was clean, so from my point of view there's not much we can do for the remaining false positive detections. Alibaba and Symantec should sort them out.

    Regards,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user

  • Thank you again as usual, sir Alex and sir Flexx; really, I'm truly grateful. Amm, there are still these 4 detections remaining in my system. I just wanna make sure whether these 4 detections are false or not, and after that I can finally be at peace.

    Also, here are their hashes:

    Smart panel system app: 30261105be899078e771f26c05a5f9e0704e91d2799f46ffdb7186b958510867

    Smart scan system app: 0ff52062f700b44880104c6de792c4e15460f43931b098f896a2468502ef9806

    Xos launcher system app:

    0b5f940abccd78af96cc7117f947bfbdb921a328eac2ab904c247390ed99e80b

    YouTube music system app:

    085c62b9cdda490254718d2e6cdc8cdc8214d1c6c985ead00e23c60e12ebbcad


  • I see. Well, thanks again, good sirs, and sorry for asking too many questions.

  • Am, sir Flexx....... I know this seems rather stupid to ask again, but.... after I scanned with my VirusTotal app, it looks like the detection by SymantecMobileInsight has been removed, and only the Alibaba AV is still there detecting a trojan spy. Is this Alibaba really... you know....... legit?


  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited February 4

    Yes, because I had already contacted them regarding the removal of the detection via their online forum and received a reply stating that the file was clean, and hence detection might have been removed.

    Seems like Trend Micro has also removed it.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • About that, are you referring to Alibaba or SymantecMobileInsight? Also, about TrendMicro-HouseCall, which system app are you referring to: the Settings app or the other 3 system apps, namely Smart Scanner and Smart Panel?

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    I am referring only to Norton/Symantec. They use the same detection engine since they were part of the same company before. For others, I do not have any information.

    Forget Alibaba, as I told you earlier, I have never heard of that antimalware, and no one cares if it detects a file as malware or not.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Oh, I see..... well, if you say so, and also if one of the most trusted anti-malware, namely Bitdefender....etc, removes their detection and flags the system app as clean, then I'm OK with that. Since, as sir Alex says, their Bitdefender security analysts said that they looked over the samples and concluded that everything was clean, then maybe it really is safe..... Well, ty again, sir Flexx, for your great patience.

  • ......about the other 3 system app detections, TrendMicro-HouseCall and Fortinet....well, about TrendMicro-HouseCall, maybe it was false, since it detects 3 of my system apps as malicious. And yesterday when I scanned again via VirusTotal, they had removed the detection, or the detection got removed, in one of the system apps, namely the YT Music system app... so yahh, maybe the TrendMicro-HouseCall detection was a false detection after all. Also, about the Fortinet detection in XOS Launcher, I still don't have any idea how to know if it's false or not.

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    You can share the hash of the app with Fortinet support by sending them an email at [email protected] and informing them about the detection issue. They may ask you to use the online forum to submit the sample, but you will have to inform them that you only have the hash of the app. You can then share the hash with them, and they might have it checked by their malware analyst.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Sir Flexx, as you can see, I already contacted them yesterday and earlier via their email, but they only replied with this. Also, when I try to create an account, a company is required; since I'm a student, I don't know what to put. So, if it's OK, will you, sir, contact them for me..... I know this seems out of line, though, but I would really appreciate it.

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    Use the below-stated link and select the chat option:

    https://www.fortinet.com/support/contact

    If you can share the hash (in written format) I may try to get it checked.

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Ty, sir Flexx. Also, here's the hash of the app: 0b5f940abccd78af96cc7117f947bfbdb921a328eac2ab904c247390ed99e80b

    Kindly check it sir.