At the moment, it is unknown where this malware comes frombut researchers have found clues in another app called Ro Dhan: Earn Wallet Cash, which was previously available on Google Play.
How to know if there is a spy application on the cell phone
There are different steps that can be performed to scan the mobile for any spyware or spyware application.
1. Scan with Play Protect
This tool, available in the Play Store, reviews the mobile and the applications in search of any harmful behavior. In case any risk is found, the user receives a notification. This setting is enabled by default and the scans are done automatically.
To check that the option is enabled and verify that it is working properly, you have to enter the Play Store, from your mobile, press on the profile photo that is in the upper right margin and a menu of options will be displayed.
One of them is Play Protect. Enter there and see the report.
To make sure the option is enabled, tap the gear icon and verify that app scanning with Play Protect is turned on.
2. Check where apps were downloaded from and what permissions they have
When having Play Protect activated, an automatic scan of the installed apps is carried out, but it does not hurt to do a double manual verification. An interesting point is to check the permissions that the installed platforms have as well as where they were downloaded from.
To access this information, go to gear icon (the nut symbol) on the mobile, then enter in Applications and there go entering each one to verify where it says permissions as well as in Store application details. The latter serves to see where the app was downloaded from, which is very important, because if the download was made from an unofficial store, there is more risk that it is a malicious program.
3. Access safe mode to delete suspicious apps
When the phone is restarted in safe mode, it disables all third-party applications and allows you to delete apps that otherwise could not be deleted. It should be noted that this will not work if the malware had root access to the system.
How to access safe mode
To start in safe mode you have to press the power button until that alternative appears. In some models, when you press the shutdown button, the Shutdown option appears and you have to press there again until the legend Safe Mode appears and then click on that option again.
Then you must go to Configuration or Settings and there enter Applications. You will see a list with all the download apps. You have to check if you find any with a strange name or that you don’t remember having downloaded and delete it.
Before doing so, it is advisable to do a search to find out what is being removed from the device and avoid uninstalling any useful programs that could affect its proper functioning.
In case there is any suspicion that cannot be removed, you must enter Settings or Settings / Lock and security / Other security settings / Device administration. There you must disable the access of the suspicious program.
In the event that none of this works, you can resort to making a copy of all the information on the cell phone and doing a factory reset within the Settings menu.