• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Android Chrome Malware

Chaotic42

Chaotic42

Lifer
So I tried to visit Slashdot with my phone and now every time I start Chrome I get a popup saying "An embedded page at s3.amazonaws.com says...", telling me I've been chosen for a chance to win an iPad.

I've tried force stopping Chrome and disabling it with no luck. Any idea how to get this removed? I've looked it up on line and apparently this thing is surviving phone resets as well.

Any help is appreciated.
 
I had this same problem on my Nexus 7 tablet about 2-3 years ago and tracked it down to an app a family member installed on it. Once I uninstalled that app, they stopped appearing.

Do the same thing.
1.) When did you start getting these messages?
2.) What apps have you installed recently?
3.) Start uninstalling the suspected app one by one until you find the culprit.

For example: If you started getting these messages about a week or two ago, try looking at all apps that you've installed within the past 3-4 weeks and narrow down from there.
 
It started once I visited Slashdot. I only have one app which didn't come with the phone. Uninstalling it didn't get rid of the message.
 
John Connor said:
Is your phone rooted? I didn't root my phone because I knew this could be a malware magnet then.
Click to expand...
It's not rooted. I literally just use my phone for calls, texts, pics, and until I just uninstalled it, cribbage. 😛

Disabling all of its permissions to do anything and clearing the cache worked. Thanks for the replies.
 
Last edited:
My hunch is that it's 'just' a rogue ad being served. That happens even on the best sites, since they don't have full control over what ad networks show.
 
John Connor said:
http://www.howtogeek.com/132115/the-case-against-root-why-android-devices-dont-come-rooted/


Would a security conscious person use an Admin account as their primary account in Linux?
Click to expand...
He mentioned his reasoning and the article confirmed it. Even on a rooted phone, the user still have to explicitly allow an app access for it to be able to do anything it does not normally had access to.

It's probably similar to a sudoer access in Linux. You can have root access, but you have to explicitly say it every time. And yes, the default prompt from SuperSU on Android is to give root access just that one time.
 
lothar said:
I don't think you understand how root access works on Android.
Even when rooted, an app must still initially ask for permission.
Click to expand...

And you don't understand what malware can do on a phone that is able to elevate to root privilege. Asking for root permission is just devs playing by some agreed-upon rules, since you never authenticate like you would on Linux. Malware doesn't have to ask, it can and will self-elevate, and do so silently.

Root is very double edged.
 
sweenish said:
And you don't understand what malware can do on a phone that is able to elevate to root privilege. Asking for root permission is just devs playing by some agreed-upon rules, since you never authenticate like you would on Linux. Malware doesn't have to ask, it can and will self-elevate, and do so silently.

Root is very double edged.
Click to expand...
Based on your bolded statement, then being rooted or unrooted wouldn't matter anyhow.
Malware does not appear on your device all of a sudden because you rooted it. You had to do something else for it to get there. It's no different from downloading an attached file in your junk email folder from an unknown sender and running it.

The same malware that affects a rooted device can also affect an unrooted one.
Just because a device is unrooted doesn't mean it's immune to malware. There are lots of malware apps in the wild that can infect an unrooted device using various "Godless" and other numerous exploits.
 
At no point did I ever say malware arrives magically by being rooted.

The rest of your post is failure to understand the act of rooting allows malware to simply give itself root privileges. If you're not rooted, there's very little it can do because the privilege isn't there to begin with. Assuming you're patched for Stagefright and all that. It can't root your phone, but it can take advantage of root.
 
No root here and I get these. I am still unsure if the source is on my phone, or if it's the ads on the website I am visiting.
 
sweenish said:
At no point did I ever say malware arrives magically by being rooted.

The rest of your post is failure to understand the act of rooting allows malware to simply give itself root privileges. If you're not rooted, there's very little it can do because the privilege isn't there to begin with. Assuming you're patched for Stagefright and all that. It can't root your phone, but it can take advantage of root.
Click to expand...
http://blog.trendmicro.com/trendlab...-malware-uses-multiple-exploits-root-devices/
http://arstechnica.com/security/201...und-in-google-play-root-90-of-android-phones/
And what you're failing to understand is that there are malware that can root an unrooted device to get the same privileges.

For example: This exploit was fixed in 5.1.1, so any phone not running that or later is still susceptible. How many Android phones are still not on 5.1.1 or later? A hell of a lot.
 
Lothar, I hit links to alot of the news sites, some tech and some normal. Nothing too shady really. But you know how oblivious they are to their own ad service.

Btw this is on android 6.0. Lg g4, locked boot loader makes things difficult to edit.
 
JeffMD said:
Lothar, I hit links to alot of the news sites, some tech and some normal. Nothing too shady really. But you know how oblivious they are to their own ad service.

Btw this is on android 6.0. Lg g4, locked boot loader makes things difficult to edit.
Click to expand...
Like I said, I got mine when I went to Slashdot. I guess I should report it to them.
 
sweenish said:
The rest of your post is failure to understand the act of rooting allows malware to simply give itself root privileges. If you're not rooted, there's very little it can do because the privilege isn't there to begin with. Assuming you're patched for Stagefright and all that. It can't root your phone, but it can take advantage of root.
Click to expand...

Which malware targets only rooted devices? It seems that malware authors would be better served if they constructed something that could infect as many devices as possible. Targeting rooted devices would limit the audience.
 
sweenish said:
[...]Assuming you're patched for Stagefright and all that. It can't root your phone, but it can take advantage of root.
Click to expand...

It would be great if you guys used points I hadn't already addressed.

I can admit that I didn't take into account the fact that being on the latest version of Android puts you in a minority, but that's it.

The simple fact is that if you are constantly running as root, malware doesn't have to ask, which is the opposite of what you were saying.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top