Jump to content

a_Mbam

Honorary Members
  • Posts

    533
  • Joined

  • Last visited

Reputation

11 Good

Recent Profile Visitors

28,034 profile views
  1. Hello TW20, Thanks for bringing this to our attention. This warning is from our advanced ransomware scanner. Apps that have elevated privileges and that have been installed using side loading (anything installed outside of Google Play) are flagged as potential ransomware. Installation from outside the Play Store plus elevated privileges are big red flags. Therefore, we warn our customers that a suspicious app was installed that displays ransomware like properties. It’s up to the user to ignore our warnings or not. Ransomware is particularity dangerous, and this warning gives users the ability to cut it off before it’s too late. We will review this app and in the meantime you can add this app the MB for Android's 'Ignore' list. Regards, -Armando
  2. Hi Fernando1025, I have scanned the file you sent us multiple times and do not see the FP detection. We have no rules in place for your apps. Could you send us screen captures of the detection, to help us track down the issue. MB for Android ver. 3.10.3.96 malware database. 2022.07.19.01 Regards, -Armando
  3. Hi HarryH, This detection is from the Anti-ransomware protection and is behavioral based. We have fixed and the issue will be resolved in an update later this afternoon. In the meantime I would suggest you do a fresh install from the Play Store https://play.google.com/store/apps/details?id=com.anydesk.anydeskandroid Regards, -Armando
  4. HI Chris, Typically, when an app is uninstalled all the components are removed. Your pwd's and data should be okay, this one is most ads and web redirects. Could you share the app in question with us or the location where you download. I would like to have a look at the app and see its behaviors, is it persistent and for our own research. Thanks, -Armando
  5. Hi Clang, Thanks for bringing this to our attention, browser phishing detection should work for all browsers, but there does appear to be some inconsistency. In my test of your scenario I had the opposite behavior (works on Brave not on Edge). Safe Browsing will work with Chrome as this is the officially supported browser, per product page. We apologize for the inconvenience. Regards, -Armando
  6. Hi Costa, This app has been classified as a Monitor, because it can monitor and forward incoming messages. If you are familiar with the app and trust it then you can use and 'Ignore' the Malwarebytes detection. This type of detection is primarily to inform users who had this type of app installed unknowingly, for example someone wanting to spy on another. Regards, -Armando
  7. Hello, Thanks for reporting this. We have removed the detection, this will reflect in an update later today. Regards, -Armando
  8. Hi JorgeBon, The site looks safe to me and no payloads were dropped. On Android you won't get the file injections or other buffer overflow type behaviors you will see with Window's browsers. Yes, typically an APK or app will need to be installed for the malware to get installed or dropped. There are no 'viruses,' as such, on Android. To protect yourself from apps being installed from a browser or some third party, ensure you have "Install from Unknown Sources', 'Install unknown apps' or similar wording disabled in Android Settings. -Armando
  9. Deep_logic, Unfortunately not, unless you can find a very good spam filter for Gmail service. This isn't an app or file issue, these events are created from spam emails similar to the Nigerian Prince or Hot Singles type of messages Gmail is flooded with. Google or any other email service that has this issue must fix. -Armando
  10. Hello, These calendar events are created from Gmail spam, therefore Malwarebytes for Android cannot detect these as they come in. MBAM for Android is an app and file scanner and does not scan incoming Gmail. This must be a growing issue as Android Authority just published an article on how to remove these nasty events. https://www.androidauthority.com/google-calendar-spam-1022909/ Unfortunately, Google doesn't seem to be taking action on this behavior at this time, so our only recourse is to manually remove these and DO NOT click on the embedded links. Regards, -Armando
  11. Hi All, This has been fixed, the fix will be in today's malware database v2018.04.03.01. Thanks for your patience. Regards, -Armando
  12. Hi DanteMwangi, Thanks for bringing this to our attention. We have adjusted detection for this app and fix will be in our Dec. 5, 2017 malware database update. Regards, -Armando
  13. Hi Booterbotter, Thanks for bringing this to our attention and apologies for the late reply. It appears this app shares some characteristics of a lot of different malware out there. I would suggest if this developer wants to have a unique app they can use a unique digital certificate, that will help distinguish from any other developer's app. Regards, -Armando
  14. Hi Camhart, Thanks for reporting this behavior. Your app is likely being flagged as potential ransomware because of the elevated privileges it requests. Also are you side loading to install Truple? Do you get the same behavior if you install from the Play Store? In our tests we don't see your app being detected by Malwarebytes for Android when installed from the Play Store. Installation from outside the Play Store plus elevated privileges are red flags and as a security application we want to warn our customers that a suspicious app was installed and it should be reviewed. Regards, -Armando
  15. Hi ForeverRogue, Thanks for bringing this to our attention, this is an FP and we have corrected the rule. The fix will be published in our next update coming later this afternoon. Regards, -Armando
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.