2013-06-10

Android malware silentclient.apk silentservice of root phones (rooted)

threat keywords:

  • silentservice
  • silentclient.apk
  • Log
  • LogicDownloads
  • datang_gaoyang
  • 低聲下載 (silent download)
  • 靜默渠道 (silent channel)
  • com.android.as
  • 山寨手機 (knockoff "shanzhai" phone)

System apps (APKs) to remove:
- Android 更新 4.1 ("Android Update" 4.1, system apk)
- SystemThreads (system apk)

Paths (under /sdcard):

/storage/sdcard0/datang_gaoyang/SilentClient.apk
/storage/sdcard0/Log/app_service/*.txt
/storage/sdcard0/LogicDownloads/*/*.apk

Apply the fixes below at your own risk.

If the phone is not rooted
1a) rename path /sdcard/datang_gaoyang to /sdcard/datang_gaoyang.bak
1b) create an empty file /sdcard/datang_gaoyang
2a) rename path /sdcard/Log/app_service to /sdcard/Log/app_service.bak
2b) create an empty file /sdcard/Log/app_service
3a) rename path /sdcard/LogicDownloads to /sdcard/LogicDownloads.bak
3b) create an empty file /sdcard/LogicDownloads
4) reboot

(PS: /sdcard/Log/app_service/* will keep logging because the malware is still running. Its downloads are broken, but it will still submit your IMEI, etc.)
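
Steps 1a to 3b for a non-rooted phone, written as a shell function. This is an added example, not part of the original post; the function name `block_ioc_dirs`, the `IOC_DIRS` variable and the numbered `.bak.N` fallback used when a backup already exists are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): steps 1a-3b for a non-rooted phone.
# Directories the post says the malware writes to, relative to the sdcard root.
IOC_DIRS="datang_gaoyang Log/app_service LogicDownloads"

# block_ioc_dirs ROOT
# Renames each directory to <name>.bak (steps 1a/2a/3a) and leaves an empty
# regular file under the original name (steps 1b/2b/3b), so the directory
# cannot be created again. Returns the number of paths it could not block.
block_ioc_dirs() {
    root=$1
    failed=0
    for rel in $IOC_DIRS; do
        target="$root/$rel"
        if [ -f "$target" ] && [ ! -s "$target" ]; then
            echo "already blocked: $target"
            continue
        fi
        if [ ! -e "$target" ]; then
            echo "not present: $target"
            continue
        fi
        if [ ! -d "$target" ]; then
            echo "unexpected non-directory, left alone: $target" >&2
            failed=$((failed + 1))
            continue
        fi
        # Never overwrite or merge into an earlier backup: pick a free name.
        bak="$target.bak"
        n=1
        while [ -e "$bak" ]; do
            bak="$target.bak.$n"
            n=$((n + 1))
        done
        if mv "$target" "$bak" && touch "$target"; then
            echo "blocked: $target (contents kept in $bak)"
        else
            failed=$((failed + 1))
        fi
    done
    return "$failed"
}

# Run against the path given on the command line, e.g.: sh block.sh /sdcard
if [ -n "${1:-}" ]; then
    block_ioc_dirs "$1"
fi
```

Running it a second time changes nothing, because paths that are already empty placeholder files are skipped. Reboot afterwards, as in step 4.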

If the phone is rooted
  1. remove the two system apps listed above
  2. perform steps 1a, 2a and 3a above to clean up
  3. reboot


Good luck.

Backups of the problematic APKs, for examination:
  1. SystemThread_3.0.apk http://goo.gl/08uOp
  2. Android更新_4.1.apk http://goo.gl/Ouljj




to be updated ~
