Malware on Sharp Aquos S2 from Joybuy

c64 on 22/12/2018 - 18:28
Last edited 22/12/2018 - 18:29

I am using the Taiwan 7.1 firmware. I was browsing the running services on the phone from the developer tools and I noticed some a curious entry Caivs https://files.ozbargain.com.au/upload/37385/65176/1.jpg . I googled cavis + android and the results suggest it is malware.

Just below there is HyperClip and has the same icon. https://files.ozbargain.com.au/upload/37385/65177/2.jpg . I couldn't find anything on it but it look suspicious

Getting info about the Caivs revealed it has has started another service PhoneStateService https://files.ozbargain.com.au/upload/37385/65178/3.jpg

If you've got the Taiwan 7.1 firmware you might want to check.

To enable developer options you need to:
settings
about phone
press build number 7 times and it will then tell you developer options are enabled
then go back to settings and the developer options will be above about phone

from the develop options click on Running services

to stop them you can click on each service and use the stop button

Mobile Mobile Phone Sharp Android

Related Stores

Joybuy
Joybuy

Comments

  • Diji1 on 22/12/2018 - 19:21
    +1

    Hmm, interesting, I have that too.

    The only thing is there's hardly any information about it and curiously it all seems to relate to Nokia devices although apparently other devices have it.

    • c64 on 23/12/2018 - 08:02

      googling "caivs.apk" also pops up some results about malware on chinese phones but it seems dated

      it seems suspicious

  • Shiny Mew on 22/12/2018 - 23:15

    Thanks for the post. You might want to ask around on Whirlpool, Reddit and other large forums to shed some light on the issue. I also have this service running. What are the best steps I can take in response to this threat?

    • c64 on 23/12/2018 - 09:29

      I posted on Whirlpool as well https://forums.whirlpool.net.au/forum-replies.cfm?t=2772402

      Temp fix just stop the processes at each reboot

      Permanent fix I suspect you will need to root the phone, remove the unwanted apks, and the unroot the phone (apparently this can be done). I'm investing this

  • Clear on 23/12/2018 - 09:35
    +1

    Install some AV apps like Malwarebytes and see if they find anything.

    We can also look inside the apps themselves if you use APK Extractor from the Play Store to extract them from the phone and upload somewhere. It might not see them but if it does it'll be easier to see what they do.

Login or Join to leave a comment
Login Join