com.realme.securitycheck

Your phone model: i forgot; it was my dad's realme

Packages:

com.realme.securitycheck

[ it was not in the list, so i didn't dare to remove it ] I removed all those packages on my phone If not why. Leave the brackets blank and explain why.

Document each package the best you can

Download: https://cdn.discordapp.com/attachments/1120740633020215347/1125016050925305896/RUISecurityAnalysis.apk

Preinstalled package on a realme phone. Has suspicious class names that might point to spyware, adware or unwanted analytics: com.realme, com.oppo, com.facebook.ads, com.google.ads, com.oppo.statistics.record, com.nearme.log.uploader, com.vungle.warren.analytics, com.vungle.warren.persistence, com.vungle.warren.downloader. Seems like sending analytics to Facebook, Oppo, realme and using "nearme".

Pithus report: https://beta.pithus.org/report/4d789fe4db9f97821c4c950ce83cce74fbc0de4dcddda2e1535dd786e7251e6a#behavior_analysis Matches tags anti_vm, anti_debug; Activities: com.realme.securitycheck.SecurityCheckActivity, com.facebook.ads.AudienceNetworkActivity, com.google.android.gms.ads.AdActivity, com.vungle.warren.ui.VungleActivity, com.opos.cmn.an.transactivity.api.TransActivity;

App can read/write to External Storage. Files may contain hardcoded sensitive information like usernames, passwords, keys etc. The App uses an insecure Random Number Generator. App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database. MD5 is a weak hash known to have hash collisions. SHA-1 is a weak hash known to have hash collisions.

android.permission.READ_PHONE_STATE, android.permission.SYSTEM_ALERT_WINDOW, android.permission.internet

Accesses API endpoints: Vungle, HeyTap ads: https://ads.api.vungle.com/, https://adx-*.ads.heytapmobile.com/ads/mix-frgn/V3/stg

Removal: Highly Recommended