com.adups.fota. How to remove it?
As I can't find any support option for Sandblast Mobile, I'm now trying the forum to find out possible answers for this.
One of the mobile phones on our Sandblast Mobile suite now shows the dreadful "fota" Chinese backdoor/malware. Checkpoint Mobile is unable to remove it as it is part of the Android kernel. Short of rooting the thing, is there any other (less intrusive) method of removing it from the phone?
Regards
If it's installed in the kernel, there's not much you can do to remove it.
A quick Google search suggests it's possible to disable the relevant components, however: How to Test for Adups' Spyware on Your Phone—& Disable It « Android :: Gadget Hacks
Thanks, Dameon, although I was kinda looking for a Checkpoint support formal response to this. After all, what's the use of pointing out the problem if you don't (Checkpoint, I mean) have a straightforward answer to solve it? Adups is rather pervasive now, I was only hoping that Checkpoint would have a simple answer. After all, there are now reportedly over 700.000 devices infected (not only ZTE).
If you want a formal statement from support, you should contact them (and yes, they support Capsule Protect): Contact Support | Check Point Software
There are some risks that can easily be identified but cannot be mitigated due to technical limitations imposed by mobile operating systems.
For example, on iOS, no app can initiate an action to delete another application--this must be done manually by the user.
If the operating system itself has the risk baked in, as seems to be the case with adups on some devices, removal is a non-trivial exercise.
Why alert on these risks? So you are aware of it and can take appropriate action.
When used with an MDM and/or Capsule Workspace, for instance, you can restrict a potentially unsafe device from accessing protected resources.
My dear Dameon, as always I deeeeply appreciate your feedback. Thank you.
Dameon is 100% correct. Due to Android and iOS OS limitations, SandBlast Mobile can't remove some of the threats (while others can be removed by SandBlast Mobile). I would say that in this specific case, SandBlast Mobile will indicate about Adups, and this will be followed by automatic disconnection of the device from organizational assets (MDM or Container).