Pulling out Android Rogue software
Http://www.icpcw.com/Smartphone/Android/Android/1471/147142_all.htm
Http://www.williamlong.info/archives/3134.html
If you use a pea pod or other app market to install the app, the phone will periodically receive some spam push, open not to you referral program, is a variety of useless ads, I think your first reaction is definitely "anger", then I would like to know which software is in the game. Can you only unload one? Laborious and time-consuming. This is a small series to tell you how to find out these deep-lurking rogue.
The upper body is hard to get rid of
The complainant Miss Lee before the beginning of HTC One X, recently very strange, every day will be inexplicably received message push, sometimes game ads, sometimes Shanda, Jinshan, Sohu application, just started only one or two, recently more than a day to receive seven or eight, the most outrageous is the big midnight also push. Because of the purchase of parallel imports, Miss Li first contact with the seller, the answer is due to the installation of software is not very much caused by the proposed system reset. Sure enough, after this treatment, the annoying push disappeared, but not long before the problem again unreasonable appearance. Helpless, Miss Li to must answer the boy for help, and small part of the investigation found that the Bane is in Miss Li through the system built-in AZ market installed those applications.
Private Change Code hidden ads
Through the remote control of the mobile phone, Miss Li installed the application of more common QQ, UC browser, beauty 美图秀秀, beauty camera, the surface of the operation is very normal, using the background management software, can also stop the service. A delete, with the elimination method too wasted time, so thought of calling the Andriod system log log. Use of the software is "Alogcat logger", in the mobile phone pop-up notification when the open, in order to narrow the scope of the search, the previous generated log cleanup, and then push the midpoint to open the ad, and then back to "Alogcat", A process called Com.imangii.templerun the surface of the water, search for keywords, unexpectedly is the famous "Temple Escape" game.
In order to dig out the truth, we also downloaded from Google Play a similar version of the "Temple Escape" game, the apk file suffix to rar, with WinRAR decompression can get classes.dex files. The source code of Java can be obtained by Dex2jar the Android Code Anti-compilation tool. Then use the source code to view the tool Jd-gui, you can view the compiled source code, after the comparison, found in Miss Li through the AZ market download "Temple Escape" is a person moved hands and feet, implanted an unofficial advertising package. The whole thing has finally been understood.
dig out the black industry chain
As we all know, the Android system is known for its openness, which is one of the main reasons he attracts many developers. Among the many conveniences it offers to developers, there is one: the system allows third-party developers to develop system-level programs that reside in the background. This would have been a convenience for the developers of the program, but it was used by some people. Before we saw more is through the Malicious software network Automatic download or brush the built-in rogue promotion of the way to push the application, the use of a dense rogue promotion industry chain, from which to seek profiteering, but with a variety of anti-rogue software upgrades, as well as access to root authority more and more simple, the old tricks began to fail.
The most popular rogue ads right now are notification bar anonymous ads and point wall ads. The former will trigger a forced pop-up of ads after a user installs an app and hides the source. Point wall Advertising requires users to complete the following actions to download other applications to obtain certain points to continue to use the application. How on earth can we eradicate the rogue? We recommend "AD Push Points Detector" (: http://dl.dbank.com/c05ba59mgr), open after the scan, found that there are notification bar anonymous ads and points wall ads will be marked in red, you can directly uninstall hidden ads rogue Software, You can also disable the software from booting and networking via a network firewall.
Facing the bad developer entrap user behavior, must cause the big application store and the mobile security manufacturer's attention, not only must strengthen the examination mechanism, the time to expose to the rogue software, but also must strengthen the supervision to the mobile Internet advertisement. In addition, we recommend the general machine friends, as far as possible to choose the normal application market download the original software, do not be so-called "optimized version", "to advertising version" confusion, this can greatly reduce the chance of the gun.
Day harassment, night harassment, advertising push too rogue
Be scanned, where to escape rogue software usually through the private code, the implantation of advertising, to achieve the effect of hiding
The most frightening thing about these rogue software is that they are malicious malware attack program, but the camouflage is very good, Kaspersky Lab's latest virus attack data show that the new virus detected this year has more than 14900 malicious programs published in 2012-08-27, the "computer newspaper" 34th issue D. Tablet Digital
Pulling out Android Rogue software
