Cross-platform GUI written in Rust using ADB to debloat non-rooted android devices. Improve your privacy, the security and battery life of your device.
Your phone model:
i forgot; it was my dad's realme
Packages:
com.realme.securitycheck
[ it was not in the list, so i didn't dare to remove it ] I removed all those packages on my phone
If not why. Leave the brackets blank and explain why.
Preinstalled package on a realme phone. Has suspicious class names that might point to spyware, adware or unwanted analytics:
com.realme, com.oppo, com.facebook.ads, com.google.ads, com.oppo.statistics.record, com.nearme.log.uploader, com.vungle.warren.analytics, com.vungle.warren.persistence, com.vungle.warren.downloader.
Seems like sending analytics to Facebook, Oppo, realme and using "nearme".
App can read/write to External Storage.
Files may contain hardcoded sensitive information like usernames, passwords, keys etc.
The App uses an insecure Random Number Generator.
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
MD5 is a weak hash known to have hash collisions.
SHA-1 is a weak hash known to have hash collisions.
Description. Was found on a realme phone, model forgotten, was preinstalled, had missing information and the "apk needed" tag. This APK is pulled from a Russian phone and might be different from other countries' versions. Application shows highly suspicious activities, sends analytics to HeyTap, connects to Facebook Ads, Google Ads, "Vungle" and seems to have anti-debug. Was not tested if boot-loops the phone if removed. Highly recommended to uninstall.
Your phone model: i forgot; it was my dad's realme
Packages:
Document each package the best you can
Download: https://cdn.discordapp.com/attachments/1120740633020215347/1125016050925305896/RUISecurityAnalysis.apk
Preinstalled package on a realme phone. Has suspicious class names that might point to spyware, adware or unwanted analytics: com.realme, com.oppo, com.facebook.ads, com.google.ads, com.oppo.statistics.record, com.nearme.log.uploader, com.vungle.warren.analytics, com.vungle.warren.persistence, com.vungle.warren.downloader. Seems like sending analytics to Facebook, Oppo, realme and using "nearme".
Pithus report: https://beta.pithus.org/report/4d789fe4db9f97821c4c950ce83cce74fbc0de4dcddda2e1535dd786e7251e6a#behavior_analysis Matches tags anti_vm, anti_debug; Activities: com.realme.securitycheck.SecurityCheckActivity, com.facebook.ads.AudienceNetworkActivity, com.google.android.gms.ads.AdActivity, com.vungle.warren.ui.VungleActivity, com.opos.cmn.an.transactivity.api.TransActivity;
App can read/write to External Storage. Files may contain hardcoded sensitive information like usernames, passwords, keys etc. The App uses an insecure Random Number Generator. App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database. MD5 is a weak hash known to have hash collisions. SHA-1 is a weak hash known to have hash collisions.
android.permission.READ_PHONE_STATE, android.permission.SYSTEM_ALERT_WINDOW, android.permission.internet
Accesses API endpoints: Vungle, HeyTap ads: https://ads.api.vungle.com/, https://adx-*.ads.heytapmobile.com/ads/mix-frgn/V3/stg
Removal:
Highly Recommended
com.realme.securitycheck