Different users have their own requirement for using any application. For finding any good application which make our task to be done quickly. Users usually uses android play store for downloading any application. Now days there are many third party play store which are used to download applications. Such third party stores do not check for any malicious application. According to ethical hacking researcher of international institute of cyber security you can even notice many apps revolving around third party stores. When installing any application, many times users forget to check the permissions.
Downloading application from third party stores can cause damage to your mobile. Such application can capture your photos from your mobile front camera. We will show you some methods to detect spy applications.
Checking RAM Status :-
Several times you may encounter unusual behavior of your mobile. Your mobile might consuming resources of RAM. Which may slow down your mobile performance. While installing, Users don’t check for permission what application is asking for. Always check for permission. Now days many companies offer inbuilt applications for checking usage of memory. Memory Statistics or Memory Notification Bar which helps android user to know utilization of memory.
Checking Running Services :-
- Nowadays mobiles are coming with latest android version or with most recent versions. For example -We are using Xiaomi Redmi Note 4 with Android 7.0 Nougat (Non-Rooted) which comes with an option to check for permissions.
- From Android 6.0 Marshmallow, Google has hide the feature of running applications or services. But in Android 6.0 running services can be shown through Developer options. For enabling Developer options. Go to Settings < About Phone < Baseband Version, or you will find with Mobile Manufacturer Name.
- In Xiaomi Miui Verison. Click simultanously to enable Developer Version. Then go to Developer Version < Running Services.
- There you will see all the running services.
- In running services you will find all applications & services which can be stopped by clicking on particular application.
- In Android 7.0 Nougat you cannot see running applications/ services but you can disable data usage of mobile Data & Wifi usage.
- If any unusual behavior is found. You can uninstall any recent application which you have installed. In some cases, malware’s are so hard coded that applications shows internal system error.
- For example – Below you can see the internal application which can’t be uninstalled.
- Same way there are some malware’s which can’t be uninstalled by going directly to application manager. If you have many applications in your mobile. Go to Settings < Application Manager < Click on Arrow see on the right hand side. Then click on App Installation Time. There you will notice recent application which you have installed.
- After Knowing recent application, Uninstall it. In some cases as mentioned above if application can’t be uninstalled. You can disable its permissions & data, wifi usage.
Disable Mobile Data & Wifi Usage :-
- Android 7.0 gives an option to disable data or wifi usage. Open Settings < Application Manager < Click on Any Application. You will see an options to disable data usage. In Redmi Note 4 Android 7.0 Nougat For checking Data & Wifi Usage. Open Security Application.
- Click on Restrict Data Usage. And select application which you wan to allow for Data usage or Wifi usage.
- If you found any unusual behavior. You can disable its data & wifi usage. According to current stats above listed application don’t require internet.
Checking For Application Permissions :-
- For changing permission of any application. In Android 6.0 Go to Settings < Application Manager < Click on any Application < Permissions.
- There you can manage permission for any application. For example – Below you can see permission which have granted by the user.
- Above you can see permission of application.
- In Android 7.0 Nougat, For changing permission go to Settings < Permissions < Permissions
- Click on any permission, Here you will see list of applications with granted permission.
- For checking system apps permissions. Open any app permission. Then Click on Image Button on the right side. For showing System Applications.
- Above you can see internal application permission. You can also grant or deny for listed system permissions.
Uninstalling Apps Through ADB :-
- In Some Cases if the malicious application is still not uninstalling using above methods. You can uninstall it through adb.
- For using adb. You need to download & install adb installer. Follow this link for configuring & using adb shell.
- For testing we will use Xiaomi Redmi Note 4 with Android 7.0 Nougat Non-Rooted.
- For uninstalling any application you need to know the application package name. For knowing application package name. Download app : https://play.google.com/store/apps/details?id=com.csdroid.pkg&hl=en
- Open Package Names. Find the app name you want to uninstall. Remember its application package name.
- Connect your mobile with computer. Open CMD as administrator. type adb uninstall <application package name > adb uninstall com.adobe.reader
- Above screenshot shows that application has been uninstalled.
Usage of Third-Party Stores :-
- As per ethical hacking researcher of International Institute of cyber Security(iiCyberSecurity), there are many third party stores which are used to download applications. Many users download applications from third party stores.
- You can also find many paid applications for free on such third party stores. Using such third party stores can cause to mobile devices.
- Below you can see third party stores. These might show paid applications free but such applications also come spywares.
- Avoid using such third party stores. Third party stores might cause to your android devices.
Check Process Stats :-
- As per the mobile hacking expert of International institute of cyber Security, process stats contains stats of applications which are used recently. It shows the amount of time spend on application.
- using steps mentioned in Android mobile hacks with android debug bridge Part 1, Android mobile hacks with android debug bridge Part II, for getting all the stat information about the applications which are install. Go to cd /data/systerm/procstats && ls
- Above shows the list of procstats usage of applications. We have opened the first stat file in Winhex editor. Download Editor : https://www.x-ways.net/winhex/
- For opening the stat file. You need to change the permission. For changing permission type chmod 777 stats-2019-07-29-10-44-42.bin
- Copy stats-2019-07-29-10-44-42.bin /storage/emulated/0/Downloads
- Copy the file into your computer. Open stats-2019-07-29-10-44-42.bin in Winhex.
- Above file shows the stats of applications which have been used recently.
Checking Battery Stats :-
- For checking for the batterystat.bin which contains the information about the consumed battery of every individual apps.
- Open the batterystat.bin Follow the above steps for changing permission to opening bin file in Winhex.
- Above screenshot shows android services which are running in the device. From here information can be gathered that on what application are spending time. The above editor only shows the application package names.
- You can find main apps by searching application package name on the internet.
Cyber Security Researcher. Information security specialist, currently working as risk infrastructure specialist & investigator. He is a cyber-security researcher with over 25 years of experience. He has served with the Intelligence Agency as a Senior Intelligence Officer. He has also worked with Google and Citrix in development of cyber security solutions. He has aided the government and many federal agencies in thwarting many cyber crimes. He has been writing for us in his free time since last 5 years.