@Ratikanta wrote:
Our application is in beta release. After downloading from play store, in some android devices it is slowing the app is malicious. Please refer to the images. In some devices it is showing warning when transfer money in Google Pay.
In Android it is showing:
Risk level: High
Risk name: Android:Evo-gen[Trj]+AG1335518|egap
Risk details: The virus is a trojan. It is a malware designed to provide unauthorized, remote access to a user’s device. Then can lead to other malware being installed on a machine, various data being stolen, or other malicious activities.
I tried take help of MobSF, but could not install. Could not take help from Owasp Zap and Burp Suit. Could not find much content regarding this issue too. Please help. I am attaching my config.xml and package.json
Config.xml
<widget id="org.sdrc.khabarodisha" version="1.1.2-beta" xmlns="http://www.w3.org/ns/widgets" xmlns:cdv="http://cordova.apache.org/ns/1.0"> <name>App name</name> <description>Description</description> <author email="xyz@gmail.com" href="https://exampe.com">Example</author> <content src="index.html" /> <access origin="*" /> <allow-intent href="http://*/*" /> <allow-intent href="https://*/*" /> <allow-intent href="tel:*" /> <allow-intent href="sms:*" /> <allow-intent href="mailto:*" /> <allow-intent href="geo:*" /> <preference name="ScrollEnabled" value="false" /> <preference name="android-minSdkVersion" value="19" /> <preference name="BackupWebStorage" value="none" /> <preference name="SplashMaintainAspectRatio" value="true" /> <preference name="AutoHideSplashScreen" value="false" /> <preference name="ShowSplashScreen" value="true" /> <preference name="FadeSplashScreen" value="true" /> <preference name="FadeSplashScreenDuration" value="300" /> <preference name="SplashShowOnlyFirstTime" value="false" /> <preference name="SplashScreen" value="screen" /> <preference name="SplashScreenDelay" value="6000" /> <preference name="AndroidLaunchMode" value="singleTask" /> <platform name="android"> <edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application" xmlns:android="http://schemas.android.com/apk/res/android"> <application android:networkSecurityConfig="@xml/network_security_config" /> </edit-config> <resource-file src="resources/android/xml/network_security_config.xml" target="app/src/main/res/xml/network_security_config.xml" /> <allow-intent href="market:*" /> <icon density="ldpi" src="resources/android/icon/drawable-ldpi-icon.png" /> <icon density="mdpi" src="resources/android/icon/drawable-mdpi-icon.png" /> <icon density="hdpi" src="resources/android/icon/drawable-hdpi-icon.png" /> <icon density="xhdpi" src="resources/android/icon/drawable-xhdpi-icon.png" /> <icon density="xxhdpi" src="resources/android/icon/drawable-xxhdpi-icon.png" /> <icon density="xxxhdpi" src="resources/android/icon/drawable-xxxhdpi-icon.png" /> <splash density="land-ldpi" src="resources/android/splash/drawable-land-ldpi-screen.png" /> <splash density="land-mdpi" src="resources/android/splash/drawable-land-mdpi-screen.png" /> <splash density="land-hdpi" src="resources/android/splash/drawable-land-hdpi-screen.png" /> <splash density="land-xhdpi" src="resources/android/splash/drawable-land-xhdpi-screen.png" /> <splash density="land-xxhdpi" src="resources/android/splash/drawable-land-xxhdpi-screen.png" /> <splash density="land-xxxhdpi" src="resources/android/splash/drawable-land-xxxhdpi-screen.png" /> <splash density="port-ldpi" src="resources/android/splash/drawable-port-ldpi-screen.png" /> <splash density="port-mdpi" src="resources/android/splash/drawable-port-mdpi-screen.png" /> <splash density="port-hdpi" src="resources/android/splash/drawable-port-hdpi-screen.png" /> <splash density="port-xhdpi" src="resources/android/splash/drawable-port-xhdpi-screen.png" /> <splash density="port-xxhdpi" src="resources/android/splash/drawable-port-xxhdpi-screen.png" /> <splash density="port-xxxhdpi" src="resources/android/splash/drawable-port-xxxhdpi-screen.png" /> </platform> <platform name="ios"> <allow-intent href="itms:*" /> <allow-intent href="itms-apps:*" /> <icon height="57" src="resources/ios/icon/icon.png" width="57" /> <icon height="114" src="resources/ios/icon/icon@2x.png" width="114" /> <icon height="29" src="resources/ios/icon/icon-small.png" width="29" /> <icon height="58" src="resources/ios/icon/icon-small@2x.png" width="58" /> <icon height="87" src="resources/ios/icon/icon-small@3x.png" width="87" /> <icon height="20" src="resources/ios/icon/icon-20.png" width="20" /> <icon height="40" src="resources/ios/icon/icon-20@2x.png" width="40" /> <icon height="60" src="resources/ios/icon/icon-20@3x.png" width="60" /> <icon height="48" src="resources/ios/icon/icon-24@2x.png" width="48" /> <icon height="55" src="resources/ios/icon/icon-27.5@2x.png" width="55" /> <icon height="29" src="resources/ios/icon/icon-29.png" width="29" /> <icon height="58" src="resources/ios/icon/icon-29@2x.png" width="58" /> <icon height="87" src="resources/ios/icon/icon-29@3x.png" width="87" /> <icon height="40" src="resources/ios/icon/icon-40.png" width="40" /> <icon height="80" src="resources/ios/icon/icon-40@2x.png" width="80" /> <icon height="120" src="resources/ios/icon/icon-40@3x.png" width="120" /> <icon height="88" src="resources/ios/icon/icon-44@2x.png" width="88" /> <icon height="50" src="resources/ios/icon/icon-50.png" width="50" /> <icon height="100" src="resources/ios/icon/icon-50@2x.png" width="100" /> <icon height="60" src="resources/ios/icon/icon-60.png" width="60" /> <icon height="120" src="resources/ios/icon/icon-60@2x.png" width="120" /> <icon height="180" src="resources/ios/icon/icon-60@3x.png" width="180" /> <icon height="72" src="resources/ios/icon/icon-72.png" width="72" /> <icon height="144" src="resources/ios/icon/icon-72@2x.png" width="144" /> <icon height="76" src="resources/ios/icon/icon-76.png" width="76" /> <icon height="152" src="resources/ios/icon/icon-76@2x.png" width="152" /> <icon height="167" src="resources/ios/icon/icon-83.5@2x.png" width="167" /> <icon height="172" src="resources/ios/icon/icon-86@2x.png" width="172" /> <icon height="196" src="resources/ios/icon/icon-98@2x.png" width="196" /> <icon height="1024" src="resources/ios/icon/icon-1024.png" width="1024" /> <splash height="480" src="resources/ios/splash/Default~iphone.png" width="320" /> <splash height="960" src="resources/ios/splash/Default@2x~iphone.png" width="640" /> <splash height="1024" src="resources/ios/splash/Default-Portrait~ipad.png" width="768" /> <splash height="768" src="resources/ios/splash/Default-Landscape~ipad.png" width="1024" /> <splash height="1125" src="resources/ios/splash/Default-Landscape-2436h.png" width="2436" /> <splash height="1242" src="resources/ios/splash/Default-Landscape-736h.png" width="2208" /> <splash height="2048" src="resources/ios/splash/Default-Portrait@2x~ipad.png" width="1536" /> <splash height="1536" src="resources/ios/splash/Default-Landscape@2x~ipad.png" width="2048" /> <splash height="2732" src="resources/ios/splash/Default-Portrait@~ipadpro.png" width="2048" /> <splash height="2048" src="resources/ios/splash/Default-Landscape@~ipadpro.png" width="2732" /> <splash height="1136" src="resources/ios/splash/Default-568h@2x~iphone.png" width="640" /> <splash height="1334" src="resources/ios/splash/Default-667h.png" width="750" /> <splash height="2208" src="resources/ios/splash/Default-736h.png" width="1242" /> <splash height="2436" src="resources/ios/splash/Default-2436h.png" width="1125" /> <splash height="2732" src="resources/ios/splash/Default@2x~universal~anyany.png" width="2732" /> <icon height="216" src="resources/ios/icon/icon-108@2x.png" width="216" /> <splash height="2688" src="resources/ios/splash/Default-2688h~iphone.png" width="1242" /> <splash height="1242" src="resources/ios/splash/Default-Landscape-2688h~iphone.png" width="2688" /> <splash height="1792" src="resources/ios/splash/Default-1792h~iphone.png" width="828" /> <splash height="828" src="resources/ios/splash/Default-Landscape-1792h~iphone.png" width="1792" /> </platform> <plugin name="cordova-plugin-whitelist" spec="1.3.3" /> <plugin name="cordova-plugin-statusbar" spec="2.4.2" /> <plugin name="cordova-plugin-device" spec="2.0.2" /> <plugin name="cordova-plugin-splashscreen" spec="5.0.2" /> <plugin name="cordova-plugin-ionic-webview" spec="^4.0.0" /> <plugin name="cordova-plugin-ionic-keyboard" spec="^2.0.5" /> <plugin name="cordova-plugin-inappbrowser" spec="^3.2.0" /> <plugin name="cordova-plugin-nativestorage" spec="^2.3.2" /> <plugin name="cordova-sqlite-storage" spec="^4.0.0" /> </widget>
Package.json
{ "name": "App Name", "version": "1.1.2-beta", "author": "Author name", "homepage": "https://homepage.com", "scripts": { "ng": "ng", "start": "ionic serve", "build": "ng build", "test": "ng test", "lint": "ng lint", "e2e": "ng e2e", "android": "ionic cordova run android" }, "private": true, "dependencies": { "@angular/common": "~8.1.2", "@angular/core": "~8.1.2", "@angular/forms": "~8.1.2", "@angular/platform-browser": "~8.1.2", "@angular/platform-browser-dynamic": "~8.1.2", "@angular/router": "~8.1.2", "@auth0/angular-jwt": "^3.0.1", "@fortawesome/angular-fontawesome": "^0.5.0", "@fortawesome/fontawesome-svg-core": "^1.2.28", "@fortawesome/free-solid-svg-icons": "^5.13.0", "@ionic-native/app-version": "^5.23.0", "@ionic-native/browser-tab": "^5.19.1", "@ionic-native/core": "^5.0.0", "@ionic-native/deeplinks": "^5.19.1", "@ionic-native/device": "^5.23.0", "@ionic-native/email-composer": "^5.23.0", "@ionic-native/facebook": "^5.24.0", "@ionic-native/google-plus": "^4.20.0", "@ionic-native/in-app-browser": "^5.19.1", "@ionic-native/launch-review": "^5.23.0", "@ionic-native/market": "^5.23.0", "@ionic-native/native-storage": "^5.19.1", "@ionic-native/network": "^5.24.0", "@ionic-native/screenshot": "^5.21.5", "@ionic-native/social-sharing": "^5.23.0", "@ionic-native/splash-screen": "^5.0.0", "@ionic-native/status-bar": "^5.0.0", "@ionic-native/toast": "^5.23.0", "@ionic-native/unique-device-id": "^5.23.0", "@ionic/angular": "^4.7.1", "@ionic/storage": "^2.2.0", "@ngx-translate/core": "^12.1.2", "@ngx-translate/http-loader": "^4.0.0", "angularfire2": "^5.4.2", "angularx-social-login": "^2.2.1", "animate.css": "^3.7.2", "com.darktalker.cordova.screenshot": "^0.1.6", "cordova-android": "^8.0.0", "cordova-launch-review": "^3.1.1", "cordova-plugin-advanced-http": "^2.4.0", "cordova-plugin-app-version": "^0.1.9", "cordova-plugin-compat": "^1.2.0", "cordova-plugin-device": "^2.0.2", "cordova-plugin-device-name": "^1.3.5", "cordova-plugin-email-composer": "^0.9.2", "cordova-plugin-facebook4": "^6.4.0", "cordova-plugin-file": "^6.0.2", "cordova-plugin-inappbrowser": "^3.2.0", "cordova-plugin-ionic-keyboard": "^2.2.0", "cordova-plugin-ionic-webview": "^4.1.3", "cordova-plugin-market": "^1.2.0", "cordova-plugin-nativestorage": "^2.3.2", "cordova-plugin-network-information": "^2.0.2", "cordova-plugin-splashscreen": "^5.0.2", "cordova-plugin-statusbar": "^2.4.2", "cordova-plugin-uniquedeviceid": "^1.3.2", "cordova-plugin-whitelist": "^1.3.3", "cordova-plugin-x-socialsharing": "^5.6.3", "cordova-plugin-x-toast": "^2.7.2", "cordova-sqlite-storage": "^4.0.0", "core-js": "^2.5.4", "es6-promise-plugin": "^4.2.2", "firebase": "^7.14.1", "ionic-swipe-all": "^2.0.0", "ionic4-auto-complete": "^2.6.0", "net": "^1.0.2", "ng-connection-service": "^1.0.4", "ngx-pinch-zoom": "^2.3.4", "rxjs": "~6.5.1", "sockjs-client": "^1.4.0", "stompjs": "^2.3.3", "tslib": "^1.9.0", "zone.js": "~0.9.1" }, "devDependencies": { "@angular-devkit/architect": "~0.801.2", "@angular-devkit/build-angular": "~0.803.8", "@angular-devkit/core": "~8.1.2", "@angular-devkit/schematics": "~8.1.2", "@angular/cli": "~8.1.2", "@angular/compiler": "~8.1.2", "@angular/compiler-cli": "~8.1.2", "@angular/language-service": "~8.1.2", "@ionic/angular-toolkit": "^2.1.1", "@types/jasmine": "~3.3.8", "@types/jasminewd2": "~2.0.3", "@types/node": "~8.9.4", "codelyzer": "^5.0.0", "jasmine-core": "~3.4.0", "jasmine-spec-reporter": "~4.2.1", "karma": "~4.1.0", "karma-chrome-launcher": "~2.2.0", "karma-coverage-istanbul-reporter": "~2.0.1", "karma-jasmine": "~2.0.1", "karma-jasmine-html-reporter": "^1.4.0", "protractor": "~5.4.0", "ts-node": "~7.0.0", "tslint": "~5.15.0", "typescript": "~3.4.3" }, "description": "An Ionic project", "cordova": { "plugins": { "cordova-plugin-inappbrowser": {}, "cordova-plugin-nativestorage": {}, "cordova-plugin-whitelist": {}, "cordova-plugin-statusbar": {}, "cordova-plugin-device": {}, "cordova-plugin-splashscreen": {}, "cordova-plugin-ionic-webview": { "ANDROID_SUPPORT_ANNOTATIONS_VERSION": "27.+" }, "cordova-plugin-ionic-keyboard": {}, "cordova-sqlite-storage": {}, "cordova-plugin-x-socialsharing": {}, "com.darktalker.cordova.screenshot": {}, "cordova-plugin-email-composer": { "ANDROID_SUPPORT_V4_VERSION": "27.+" }, "cordova-launch-review": {}, "cordova-plugin-uniquedeviceid": {}, "cordova-plugin-device-name": {}, "cordova-plugin-market": {}, "cordova-plugin-app-version": {}, "cordova-plugin-x-toast": {}, "cordova-plugin-facebook4": { "APP_ID": "xxxxxxxxxx", "APP_NAME": "App Name", "FACEBOOK_HYBRID_APP_EVENTS": "true" }, "cordova-plugin-network-information": {} }, "platforms": [ "android" ] } }
Posts: 1
Participants: 1