BLU manufactured mobile devices have been discovered with preinstalled adware known as Android/Adware.YeMobi.
Behavior of YeMobi
The incriminating behavior of adware YeMobi is its ability to launch the default browser on a mobile device and use it to display ads. There is an unusual element to this as well—it only displays ads while the Google Play store app is running. As seen in the code below, if com.android.vending (the Google Play store app) is active, activity MessageLoadDetail is loaded. Activity MessageLoadDetail then goes onto to display ads.
The rise of preinstalled malware
Buying a new phone only to find it comes preinstalled with adware or even more dangerous malware is frustrating. Trust us, it’s just as frustrating not being able to remove these apps for our customers.
With the ease of selling online, Android devices re-imaged with custom ROMs(“Read-Only Memory”) containing preinstalled shady/malicious apps are starting to appear more and more on the online marketplace. Sellers can easily re-image an Android device with a custom ROM which replaces the default operating system—typically stored in read-only memory. Sellers then turn around and sell these devices for cheap online.
Just like when installing apps, it’s important to buy your mobile device from trusted sources. Avoid buying devices online from untrusted sellers/stores; even if the price is hard to pass up.
Disabling YeMobi and other preinstalled apps
In order to keep essential operating system apps from being removed on Android devices, you cannot uninstall preinstalled apps. However, you can disable some preinstalled apps—like Adware YeMobi. Simply go into settings > apps, find the YeMobi app, open its settings, and disable it via the Disable button.
Finding preinstalled malware on your device can be tricky—a mobile scanner can assist with finding them for you. Malwarebytes Anti-Malware Mobile detects Adware YeMobi along with other preinstalled malware and can be found for FREE on Google Play.
As always, stay safe out there!
I have a Blu phone with the YeMobi app pre-installed. I tried to disable it but it doesn’t show up on the list, even after I clicked “show system apps”. The File Manager doesn’t list such a file, but it shows a file called “data_acquisition.dat” in the “Android” folder. This is the file name listed on the MalwareBytes whitelist for YeMobi. (it is the only file in “Android” not in a subfolder). I copied it to my SD card and changed the file extension to “.txt” and opened it with msword. It contains only a single 12-digit string. Can anyone tell me whether:
1) Deleting it will eliminate YeMobi without otherwise affecting the operation of the phone?
2) if not, will altering the 12-character string accomplish that? If so, does it need to be replaced with a specified string or will replacing any character with a different digit work? Can the string be deleted entirely, leaving an empty file? I’m not going to try to hack the file until I know what exactly to do with it so as not to screw up my phone.
Unable to find any info to answer questions in previous post, after 2 weeks, I decided I could no longer put up with the ads interrupting anything and everything I tried to do. ex: every time I DLed anything when I opened file manager, selected the DLed file, and clicked “move”, I’d get an ad drawn over it before I could select destination folder. At risk of maybe having to reset the phone, I deleted the data_acquisition.dat file. Surprisingly, the only way it affected the phone was that it forgot stored automatic logins for apps on the SD card. Once I signed back in to those apps, the phone works exactly as before without the ads, with one small exception: every time I shut it down, it forgets them again.
whats the hate for custom roms and rooting. i am a firm beliver that these huge organizations and governments are the ones we should be worring about for the most part. i root all my phones and i delete preinstalled apps and my device and i are quite content. i dont know if you guys are in there pocket or u just simple believe there propaganda bs. but maybe u should rethink the whole situation do some pros and cons, just saying !!!!!
root ur device, this will give u root priveliges. with this done you could remove what ever u want, it basicaly freeing ur phone from a dictator. you could program ur phone to do the dishes !!!