Huawei, Vivo phones tag Google app as TrojanSMS-PA malware

Huawei, Honor, and Vivo smartphones and tablets are displaying strange 'Security threat' alerts urging the deletion of the Google app, warning that it is detected as the 'TrojanSMS-PA' malware. In what appears to be a false positive, these security alerts warn that "Immediate uninstallation is advised," as the app is now considered high risk, as shown by the alert below from one of BleepingComputer's devices. When users click on the 'View Details' option, the alert warns that the app was detected secretly sending SMS messages. "This app was detected sending SMS privately, enticing users to pay with adult content, downloading/installing apps privately, or stealing private information, which may cause property damage and privacy leakage," reads the security alert details. This issue has been reported by many users on the Google support forums, Reddit, the Huawei forums, and various other Android communities. BleepingComputer contacted Google to determine if a recent app update might have caused the sudden uptick in malware warnings, but a spokesperson said Google Play Protect is not triggering the alert. BleepingComputer has independently verified that these alerts were shown on a Huawei device with Google's core apps pre-installed and no side-loaded apps. Google's explanation does not accurately reflect the types of Android devices impacted by these alerts. BleepingComputer confirmed that these alerts are being shown by the 'Huawei Optimizer' app on Huawei devices. It is unclear what apps are displaying the alerts for Vivo or Honor phones. If you have not side-loaded the Google app on your Huawei, Vivo, or Honor phone, it should be safe to ignore the warning and keep it running. While it is most likely these alerts are false positives, there has been no official comment from the device makers confirming this. A proposed solution for disabling the "False alarm" is to go to Settings > Apps > Optimizer > App Info > Storage > Clear Cache / Clear Data and then reboot your device. If that doesn't work, try to uninstall and reinstall the Huawei Optimizer app. This action should refresh its outdated signature database, eliminating the incorrect false positive warnings. BleepingComputer also contacted Huawei and Vivo for a comment, but we have yet to receive a response from the Chinese smartphone makers. Roid adware apps on Google Play amass two million installs. SpyNote Android malware spreads via fake volcano eruption alerts. Fake 'RedAlert' rocket alert app for Israel installs Android spyware. Roid malware Xenomorph runs new campaign targeting the U.S. Android October security update fixes zero-days exploited in attacks.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Huawei, Vivo phones tag Google app as TrojanSMS-PA malware

Avast confirms it tagged Google app as malware on Android phones - Czech cybersecurity company Avast confirmed that its antivirus SDK has been flagging a Google Android app as malware on Huawei, Vivo, and Honor smartphones since Saturday. On affected devices, users were warned to immediately uninstall the Google app ...
1 year ago Bleepingcomputer.com
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware - Huawei, Honor, and Vivo smartphones and tablets are displaying strange 'Security threat' alerts urging the deletion of the Google app, warning that it is detected as the 'TrojanSMS-PA' malware. In what appears to be a false positive, these security ...
1 year ago Bleepingcomputer.com
Lumma malware can allegedly restore expired Google auth cookies - The Lumma information-stealer malware is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts. Session cookies are specific web cookies used to allow a browsing ...
1 year ago Bleepingcomputer.com
New Xamalicious Android malware installed 330k times on Google Play - A previously unknown Android backdoor named 'Xamalicious' has infected approximately 338,300 devices via malicious apps on Google Play, Android's official app store. McAfee, a member of the App Defense Alliance, discovered 14 infected apps on Google ...
11 months ago Bleepingcomputer.com
FjordPhantom Android malware uses virtualization to evade detection - A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection. The malware was discovered by Promon, whose analysts report that it currently spreads via emails, SMS, and ...
1 year ago Bleepingcomputer.com
PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
10 months ago Securityintelligence.com
Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
5 months ago Pandasecurity.com
Google: Malware abusing API is standard token theft, not an API issue - Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired. In late November 2023, BleepingComputer reported on two information-stealing malware ...
10 months ago Bleepingcomputer.com
How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
7 months ago Pandasecurity.com
The Limitations of Google Play Integrity API - This overview outlines the history and use of Google Play Integrity API and highlights some limitations. We also compare and contrast Google Play Integrity API with the comprehensive mobile security offered by Approov. Google provides app attestation ...
11 months ago Securityboulevard.com
Android 15, Google Play get new anti-malware and anti-fraud features - Today, Google announced new security features coming to Android 15 and Google Play that will help block scams, fraud, and malware apps on users' devices. Announced at Google I/O 2024, the new features are designed not only to help end users but also ...
6 months ago Bleepingcomputer.com
Samsung Galaxy gets new Auto Blocker anti-malware feature - Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices. Auto Blocker is an opt-in security feature that prevents the side-loading of risky apps ...
1 year ago Bleepingcomputer.com
CVE-2018-15001 - The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.bsptest (versionCode1, versionName1.0) containing an exported activity app ...
5 years ago
Ten new Android banking trojans targeted 985 bank apps in 2023 - This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries. Banking trojans are malware that targets people's online bank ...
11 months ago Bleepingcomputer.com
PixPirate Android malware uses new tactic to hide on phones - The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed. PixPirate is a new Android malware first documented by the Cleafy TIR team last ...
8 months ago Bleepingcomputer.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
How to Extract Malware Configurations in a Sandbox - The most sought-after source of these indicators is malware configurations. Malware Sandboxing Leader ANY.RUN handles the heavy lifting of phishing and malware analysis for SOC and DFIR teams and also helps 300,000 professionals use the platform to ...
9 months ago Gbhackers.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
6 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)