right place to solve android browser hijack problem

i’m looking for the right place to find the info needed to protect my
android 4.0.x browser from being hijacked and set to rogue shopping
sites…

i’m pretty sure this is not the right place…but, i see folks asking
mobile computing systems and hardware questions in several places
around here…

if i can find the right place i wanna ask:

do i need an AV?
which?
or maybe a browser or malware shield?
or what?

see, i have zero experience with AV software (having not been
involved with MS software since 1995 i really don’t know where to
begin…the Android Play Store has a dizzying array of “big names”
(Norton, Ditdefender, McAfee and others) in the WindozWorld…anyone
know which one (BIG, little or no-name) will keep the dirty pond
scum suckers out of my cute little (‘no-name’) Droid(s)?

–
dd

On Thu 25 Apr 2013 11:05:42 AM CDT, dd wrote:

i’m looking for the right place to find the info needed to protect my
android 4.0.x browser from being hijacked and set to rogue shopping
sites…

i’m pretty sure this is not the right place…but, i see folks asking
mobile computing systems and hardware questions in several places
around here…

if i can find the right place i wanna ask:

do i need an AV?
which?
or maybe a browser or malware shield?
or what?

see, i have zero experience with AV software (having not been
involved with MS software since 1995 i really don’t know where to
begin…the Android Play Store has a dizzying array of “big names”
(Norton, Ditdefender, McAfee and others) in the WindozWorld…anyone
know which one (BIG, little or no-name) will keep the dirty pond
scum suckers out of my cute little (‘no-name’) Droid(s)?

Hi
Have no idea, neither one is online much so never worried about it. For
news and weather I have dedicated apps rather than a browser. I do use
firefox rather than the default browser.

I use AVG on the machine with a windows partition…

Scan the device with nmap, any ports open?

–
Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 12.3 (x86_64) Kernel 3.7.10-1.1-desktop
up 14:42, 3 users, load average: 0.00, 0.07, 0.07
CPU Intel® i5 CPU M520@2.40GHz | GPU Intel® Arrandale

On 04/25/2013 02:19 PM, malcolmlewis wrote:
> Have no idea, neither one is online much

i use mine mostly as a “TV” replacement…which, requires a xDLS
stream…

> so never worried about it. For
> news and weather I have dedicated apps rather than a browser.

yep, but my favorite news sites apps don’t all give access to live
streams, rather they feature mostly one to five minute clips that may
be hours or DAYS old…

weather apps are all Danish all the time, but that is no problem

> I do use firefox rather than the default browser.

i’ve not yet spent the time required to figure out how to install
Flash (again, a dizzy array of potential install options–WHY is FF
delivered without flash?)…so, i have firefox, but it won’t live
stream the feeds i want without a flash.

> I use AVG on the machine with a windows partition…

don’t have one of those…OH wait, yes i do…but its not been
booted since the day i successfully burned an 11.4 install disk.in 2011…

>
> Scan the device with nmap, any ports open?

good idea!!! “All 1000 scanned ports on 192.168.1.102 are closed”

and, i got the last hijack cleared by changing the start page away
from the scum site, dumping cookies, history, cache closing the
browser and shutdown/reboot…

just like to avoid the next hijinks.

hmmm…installed Chrome and adobe.com/software/flash/about/ reports
no flash installed…strange, i though Chrome included flash…maybe
that is only the Chrome for Linux.

–
dd

On Thu, 25 Apr 2013 11:05:42 +0000, dd wrote:

> do i need an AV?
> which?
> or maybe a browser or malware shield?
> or what?

I use the free edition of Lookout for malware protection on Android. It
works well.

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 04/25/2013 08:15 PM, Jim Henderson wrote:
> the free edition of Lookout for malware protection on Android

thanks it was installed immediately.

i am so unused to all these malware things…they add a complexity to
life i’m happy to have avoided since '95!

–
dd

On 2013-04-25 21:31, dd wrote:
> On 04/25/2013 08:15 PM, Jim Henderson wrote:
>> the free edition of Lookout for malware protection on Android
>
> thanks it was installed immediately.
>
> i am so unused to all these malware things…they add a complexity to
> life i’m happy to have avoided since '95!

I heard that smartphones security is a joke. That you should run an
antivirus, but they have problems running them because they don’t have
the necessary API published or something like that.

Sorry, I did not pay attention to the details.

–
Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

On Thu, 25 Apr 2013 20:03:10 +0000, Carlos E. R. wrote:

> I heard that smartphones security is a joke. That you should run an
> antivirus, but they have problems running them because they don’t have
> the necessary API published or something like that.

Never had a problem with Lookout running on my phone, and I regularly
check for unwanted network traffic. I also run an ad blocker (not that I
don’t want “free” apps to be deprived of revenue from ads, but rather I
don’t want the unwanted network traffic, and ad networks often are also -
I understand - a source of malware.

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2013-04-25 22:45, Jim Henderson wrote:
> On Thu, 25 Apr 2013 20:03:10 +0000, Carlos E. R. wrote:
>
>> I heard that smartphones security is a joke. That you should run an
>> antivirus, but they have problems running them because they don’t have
>> the necessary API published or something like that.
>
> Never had a problem with Lookout running on my phone, and I regularly
> check for unwanted network traffic. I also run an ad blocker (not that I
> don’t want “free” apps to be deprived of revenue from ads, but rather I
> don’t want the unwanted network traffic, and ad networks often are also -
> I understand - a source of malware.

Oops, I made a typo.

I meant that they have problems creating good antiviruses.

Heard that on the radio about a month ago or more: at weird hours they
talk about computers and such things. Weird like 4 AM, when nobody
listens… so “shop talk” does not spoil commercial ratings

Of course, I could be mistaken about what they were really talking
about. At those hours…

–
Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

On Thu, 25 Apr 2013 22:18:08 +0000, Carlos E. R. wrote:

> Oops, I made a typo.
>
> I meant that they have problems creating good antiviruses.

To my knowledge, my phone has never had a virus on it. So it seems that
the AV/anti-malware solution I’m using works fine. I do tend to install
rather a lot of odd stuff on my phone, too.

Though there are entire categories of software I steer clear of, and
those are probably the ones that most likely are infected. Stuff that
Apple wouldn’t allow in their App Store in a million years for content
reasons, among other things (to be clear, that’s the stuff I steer clear
of).

> Heard that on the radio about a month ago or more: at weird hours they
> talk about computers and such things. Weird like 4 AM, when nobody
> listens… so “shop talk” does not spoil commercial ratings
>
> Of course, I could be mistaken about what they were really talking
> about.
> At those hours…

It’s also possible at that time that they didn’t know what they were
talking about.

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2013-04-26 01:46, Jim Henderson wrote:
> On Thu, 25 Apr 2013 22:18:08 +0000, Carlos E. R. wrote:

>> At those hours…
>
> It’s also possible at that time that they didn’t know what they were
> talking about.

Heh, no, he is “one of us”, not a talking head.

When I happen to have the radio on at those times I learn a few
interesting things, but I never know the day/hour they’ll interview him.
Or may them, not sure how many “geeks” they have.

–
Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

On Fri, 26 Apr 2013 01:53:06 +0000, Carlos E. R. wrote:

> On 2013-04-26 01:46, Jim Henderson wrote:
>> On Thu, 25 Apr 2013 22:18:08 +0000, Carlos E. R. wrote:
>
>
>>> At those hours…
>>
>> It’s also possible at that time that they didn’t know what they were
>> talking about.
>
> Heh, no, he is “one of us”, not a talking head.
>
> When I happen to have the radio on at those times I learn a few
> interesting things, but I never know the day/hour they’ll interview him.
> Or may them, not sure how many “geeks” they have.

I’ve heard plenty of people who are “one of us” talk complete and utter
nonsense before. I had something work-related today, in fact, that had
me hitting my head on the wall because this geek was saying something
that was completely nonsensical.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2013-04-26 06:27, Jim Henderson wrote:
> On Fri, 26 Apr 2013 01:53:06 +0000, Carlos E. R. wrote:

>> When I happen to have the radio on at those times I learn a few
>> interesting things, but I never know the day/hour they’ll interview him.
>> Or may them, not sure how many “geeks” they have.
>
> I’ve heard plenty of people who are “one of us” talk complete and utter
> nonsense before. I had something work-related today, in fact, that had
> me hitting my head on the wall because this geek was saying something
> that was completely nonsensical.

It happens.

So I take what they say with curiosity and a grain of salt

Mostly what these particular chaps say is correct, to my knowledge. I
would make comments to this or that, but a big radio station is not a
forum, and no, I will not use facebook

–
Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

Do you have a USA phone? This does make a difference in some cases. As far as I know the only writable area of your Android device is within the /external memory area unless the code is installed with the app itself. You must have picked something up from an app you installed or a malicious website. I am very cautious when installing apps from the Google play store.

If you want to get rid of everything virus wise and you do not have too much personalized stuff on you phone then you can do a factory reset. This will format/re
-partition your device and then install the original OS and apps from a secure partition.

There are a couple of things to note,
If you have a rooted device then all bets are off and I would start with looking at the /etc/hosts file.
If you have an S-off device then all bets are off and you can not even safely Factory reset, throw the phone away.
Are you using the browser on Public/open Wifi, It so then you are susceptible to man in the middle attack. This seems to be a quite popular thing to do at the moment for android devices.

On 05/02/2013 05:26 PM, anika200 wrote:
> Do you have a USA phone?

no, it is a tablet…
i had (just) a browser hijack [where somehow the homepage was reset
to a shopping site] which i ‘fixed’ and then loaded Lookout on Jim’s
recommendation (THX, btw)…it reports no malware…

–
dd

On Thu, 02 May 2013 15:26:01 +0000, anika200 wrote:

> If you have an S-off device then all bets are off and you can not even
> safely Factory reset, throw the phone away.

That’s not entirely true, you can always reflash with a clean ROM.

Done it many times here.

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C