Flyme OS featuring Spy & Malware!
Contributor

well… we need some comment from AVG then… and then will be funny to see what Meizu will say about it… IF all that are positive…

@Rey hello can I ask something please? I was read your post and immediately I scan my meizu mx4 pro with meizu security and found nothing, then I use AVG antivirus and found 2 malware, one is the video app by meizu and the other is app called life, I must be aware for something? Ty in advance

Meizu MX4

I extracted the application with apk extractor and scanner again : https://www.virustotal.com/en/file/b543ec1d612f5cda6d5cf5282e2f42279969e55ba8b34dd457d159dde6c2f812/analysis/1454450887/
now the detection ratio is 7 / 52 .
I also send some other app :
https://www.virustotal.com/en/file/28d9e24b6e005b51834720d588cafbf0827979d8c0c3236dbb40d08584c7bbf7/analysis/1454450557/
https://www.virustotal.com/en/file/892c988c5cae7e828a7496bc1c6a9b4889e3991677a9771148aff6d59c290e50/analysis/1454450552/
https://www.virustotal.com/en/file/3f75a4bd9f18ca510598538d065e6c480a7d9eec24526d39d9cac8b2916df261/analysis/1454450543/
https://www.virustotal.com/en/file/a6386bb76cbd44aa6ff5995d537f39f2362296ec7e06675ed5ad2601e64b0964/analysis/1454450541/
Nothing to report for them.

Waiting for explanation from Meizu

last edited by robin4002

is this only for flyme5 or others too?
didnt do the virus scan yet, but xprivacy does not show any odd requests, or atleast not more than thw average google services…

Contributor

@nowv It’s worse in Flyme 4.x
So this affects every Meizu phone and every Android powered FlymeOS firmware, as far as I know.

The unofficial statement of Meizu is: that developers test it with Chinese AntiVirus software, and that this one works different.

And 360 Security shows that the Messanger app has a problem. Also locking Apps to the Ram isn’t considered good, what’s needed in Flyme 5 to get notifications.

last edited by Ultrametric

Did anyone of you make those tests with Global stable version ? :)
Don’t forget, that China has different laws than other countries :P

Also, in beta versions many developers put spying code, to check how app is acting.

alright, so i checked my phone, some antivirus scanners come up clean besides my root status. avg sees 3 threats in com.meizu.account (basically as pup and privacy issues).

1 of the three “android/deng” is prob a false positive.

next one is “android/dgen smsreg” thia service i have seen too in some miui dwvices and is used to send texts (willingly or unwillingly) this can be verification services but may also be used to skim money of your subscription, subscribe to debious services etc. all in all, cant say if safe or not.

finally the last is “gen__pup” or general potentially unwanted program. not a virus or spyware but has more than neccesary permissions and can in theory install other apps unwillingly or push pop up ads.

all in all, not the best testresult i have seen, but also not very dangerous. i think we should be able to delete these threaths i found, smsreg was easy to uninstall in miui but it seems that in flyme its embedded. we will see how it goes.

tested on 4.5.4.2A

Contributor

@Tymcio As you know, I am in the global Beta Team.
Tested it and reported it yesterday.

Tifa responded, and it’s been taken care of.

That’s all I know.

And I think China has, laws at all. Companies can just do what ever they want to do.

last edited by Ultrametric
Meizu MX4

@nowv

Android/Deng:

Rank this week: Nº 12
Websites affected: 24
Users affected: 1,000,000 - 5,000,000
Affected Operating Systems: Android

http://www.avgthreatlabs.com/ww-en/virus-and-malware-information/info/android-deng/


1 - AVG : https://youtu.be/Ckw…wkJoR_IwA?t=6s�- 3 Minacce
2 - 360 Security : https://youtu.be/CkwkJoR_IwA?t=35s - 1 Vulnerabilità
3 - Avast : https://youtu.be/CkwkJoR_IwA?t=1m35s- 0
4 - CM Security : https://youtu.be/CkwkJoR_IwA?t=2m6s- 0
5 - Avira : https://youtu.be/CkwkJoR_IwA?t=2m54s- 0
6 - Norton : https://youtu.be/CkwkJoR_IwA?t=3m24s- 0
7 - E-Mobile Security: https://youtu.be/CkwkJoR_IwA?t=4m39s- 2 Minacce (video.apk)
8 - Kaspersky : https://youtu.be/CkwkJoR_IwA?t=6m47s- 0
9 - Comodo : https://youtu.be/CkwkJoR_IwA?t=9m33s- 3 Minacce (mzAccount-life-gamecenter)
10 - 360 Security Lite : https://youtu.be/CkwkJoR_IwA?t=10m15s- 1 Vulnerabilità
11 - Bitdefender Free : https://youtu.be/CkwkJoR_IwA- 0
12 - McAfee : https://youtu.be/CkwkJoR_IwA?t=11m46s- 1 (mzgame)
13 - TrustGo : https://youtu.be/CkwkJoR_IwA?t=14m3s- 2 (messaggi- life)
14 - Panda Mobile : https://youtu.be/CkwkJoR_IwA?t=15m9s- 0
15 - Dr. Web Light : https://youtu.be/CkwkJoR_IwA?t=18m47s- 3 (sms - video)
16 - Antivirus for Android : https://youtu.be/CkwkJoR_IwA?t=19m45s- 0
17 - 360 : https://youtu.be/CkwkJoR_IwA?t=21m5s- 0
18 - Stagefright Detector : https://youtu.be/CkwkJoR_IwA?t=21m50s- 1 vulnerabilità

last edited by Naphtha
Admin

@Tymcio sure.
Do you think it is legitimate to use governmental Spyware to check app activity?

There is something called “debugger” or the in-built Crash Reporter from Google. Both offering very exact and anonymous logs.

Despite that, do you think that the use of Spyware complies with Chinese laws? I do not think so either.
Therefore post your Meizu propaganda somewhere else. Meizu official’s who do not want to take criticism and instead try to increase their sales, are NOT welcome here.

This is an independent forum, free of any direct influence from Meizu.

@Rey do you know Chinese laws about checking people, and everything? :)
Maybe there it is allowed, and most of us use phones prepared for their market, not for ours :P

Meizu MX4

@Tymcio
I don’t care about that. We’re only good for spending our money in Meizu products ? We now have more positive , they need to clarify this . I’m living in Italy not in China .

If they aren’t able to maintain the developing to the global firmware, in all the devices and push people to asian firmware (with more positive!!). Who make a failure? Customer? No! Meizu. Tell how can be possible this: Flyme 5 (Android 5.1) is vulnerable at stagefright, CM12.1 Unofficial (builded by 3-4 guys) haven’t vulnerability.

last edited by Naphtha
Meizu Pro 6

@Naphtha @Rey So what are these detected “spy & malwares” supposedly doing?

Only @nowv has actually tried to dig into what these alarms mean and they didn’t seem serious.

Anyone else has some more info about whether these are real threats or not? Or is this just typical internet sensationalism :p

Looks like your connection to Meizufans was lost, please wait while we try to reconnect.