Installer Hijacking Scanner
Free AppAbout Installer Hijacking Scanner
The Android Installer Hijacking vulnerability can be used by attackers to potentially distribute malware, compromise devices, and steal user data. This free applications from Palo Alto Networks detects if your device is vulnerable to this serious exploit, allowing you to take steps to protect your sensitive data.
Before you start testing on your device, please read the [How-to-use] below. Go through the video bellow will also be greatly helpful. Thanks for your patience.
Briefly, this vulnerability has been patched on Android version 4.4 and up. Devices with Android version 4.3 may contain this vulnerability, depending on vendors. Devices with Android version <=4.2 all have this vulnerability.
Learn more about the vulnerability here: http://researchcenter.paloaltonetworks.com/2015/03/android-installer-hijacking-vulnerability-could-expose-android-users-to-malware/
Demo video:
https://www.youtube.com/watch?v=81slOhjrZXY
https://www.youtube.com/watch?v=AgPEoYdHE34
How-to-use:
* [IMPORTANT] To install the dummy app, it requires you to enable the "Unknown Sources" setting (Thank David LaVeque for the reminder). If you did not change the setting before trying the scanner app, your phone may be falsely reported as vulnerable. In this case, please click 'reset' button, and retry the app.
* Please follow the step 1 -> 2 ->3 to finish the scan. Step 1 starts an app installation procedure. Please follow the procedure and install that dummy app. Step 2 helps to check the existence of vulnerability. Step 3 'reset' will remove that dummy app you just installed.
* You may be asked to install an apk file. This is a dummy app with no content. Since this is a OS vulnerability, we have to go through the installation procedure in order to determine if the device is vulnerable or not. This dummy app will be uninstalled when you press the 'reset' button.
* If the device does not contain this vulnerability, the dummy app will not be installed. So, when you press the 'reset' button, the app uninstallation window will not pop up.
* On some devices, after first install, some devices may report error with "Parser Failure". Please restart the app and try again.
Copryright: Copyright ©2015, Palo Alto Networks, Inc. All rights reserved. Palo Alto Networks, the Palo Alto Networks Logo, are trademarks of Palo Alto Networks, Inc. All specifications are subject to change without notice. Palo Alto Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Palo Alto Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
Before you start testing on your device, please read the [How-to-use] below. Go through the video bellow will also be greatly helpful. Thanks for your patience.
Briefly, this vulnerability has been patched on Android version 4.4 and up. Devices with Android version 4.3 may contain this vulnerability, depending on vendors. Devices with Android version <=4.2 all have this vulnerability.
Learn more about the vulnerability here: http://researchcenter.paloaltonetworks.com/2015/03/android-installer-hijacking-vulnerability-could-expose-android-users-to-malware/
Demo video:
https://www.youtube.com/watch?v=81slOhjrZXY
https://www.youtube.com/watch?v=AgPEoYdHE34
How-to-use:
* [IMPORTANT] To install the dummy app, it requires you to enable the "Unknown Sources" setting (Thank David LaVeque for the reminder). If you did not change the setting before trying the scanner app, your phone may be falsely reported as vulnerable. In this case, please click 'reset' button, and retry the app.
* Please follow the step 1 -> 2 ->3 to finish the scan. Step 1 starts an app installation procedure. Please follow the procedure and install that dummy app. Step 2 helps to check the existence of vulnerability. Step 3 'reset' will remove that dummy app you just installed.
* You may be asked to install an apk file. This is a dummy app with no content. Since this is a OS vulnerability, we have to go through the installation procedure in order to determine if the device is vulnerable or not. This dummy app will be uninstalled when you press the 'reset' button.
* If the device does not contain this vulnerability, the dummy app will not be installed. So, when you press the 'reset' button, the app uninstallation window will not pop up.
* On some devices, after first install, some devices may report error with "Parser Failure". Please restart the app and try again.
Copryright: Copyright ©2015, Palo Alto Networks, Inc. All rights reserved. Palo Alto Networks, the Palo Alto Networks Logo, are trademarks of Palo Alto Networks, Inc. All specifications are subject to change without notice. Palo Alto Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Palo Alto Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
All Application Badges
Free
downl.
downl.
Android
2.3+
2.3+
Bug
buster
buster
Android app
App History & Updates
What's Changed
Fixed bugs when running on some Android devices. * Please enable the "Unknown Sources" setting before start scanning. * If there is still 'Parse Error' message, please restart the app and try again.
Fixed bugs when running on some Android devices. * Please enable the "Unknown Sources" setting before start scanning. * If there is still 'Parse Error' message, please restart the app and try again.
More downloads Installer Hijacking Scanner reached 50 000 - 100 000 downloads
What are users saying about Installer Hijacking Scanner
Q
by Q####:
by Q####:
How i use this app. How it work plz suggest me early
S
by S####:
by S####:
My device is infected or has been hijacked, then what? How can I remove this?
B
by B####:
by B####:
Won't work. "Can't parse the package" Whatever that means
D
by D####:
by D####:
It installed and ran fine, but it says I have the vulnerability. Verizon Samsung Galaxy S4 running 4.4.2. This contradicts the app description which says that the vulnerability was patched on version 4.4 and up. Is this an issue with Verizon's 4.4.2 not incorporating the patch, or is this an issue with this particular app not working the way it was intended? I don't know!
D
by D####:
by D####:
Wtf is "Fun app"?!
D
by D####:
by D####:
It comes up as dummy app, I press install it now says replacement app but it says app not installed.
D
by D####:
by D####:
I love it bcz it save my phone. Thanks a lot Admin n also thanks to Hindustan who tell me about this app.
D
by D####:
by D####:
ran test and it's saying that it's vulnerable.. any way to patch it. other then waiting on carrier..
E
by E####:
by E####:
No problems with: 1. Installation, if you understand the English language, will disable third party in a while. 2. Definitely confirmed the Dr. Web alert on the malware, so he stays. I appreciated what Waylon had to say abundantly! Hahaha!!
T
by T####:
by T####:
Right after I hit the start button it crashes. The message says Scan Stopped then it closes.
R
by R####:
by R####:
It first said android 5.1 on my nexus 5 had the vulnerability after the March 26th update then ran the test again and it said I was safe so which is it, am I safe or not also I may point out that my nexus 5 is rooted
C
by C####:
by C####:
This app totally wiped out my tablet cannot boot past start screen. Warning - do not use this app - google should pull immediately.
U
by U####:
by U####:
How i use this app. How it work plz suggest me early
Q
by Q####:
by Q####:
I have try this app but dummyapp is not installed my phone plz check this issue.. Thanks...
U
by U####:
by U####:
What to do after detection of vulnerability? Which app is vulnerable? There is no information regarding this. Then what is the use of this app.?
D
by D####:
by D####:
This app is not working my galaxy grand prime....
U
by U####:
by U####:
Does not work
E
by E####:
by E####:
I dont soure this app after app loding
U
by U####:
by U####:
I love it bcz it save my phone. Thanks a lot Admin n also thanks to Hindustan who tell me about this app.
U
by U####:
by U####:
Thanks for this app. ☺
U
by U####:
by U####:
Great
U
by U####:
by U####:
Is good for android phone.
S
by S####:
by S####:
ran test and it's saying that it's vulnerable.. any way to patch it. other then waiting on carrier..
O
by O####:
by O####:
Just tried it and my Samsung Galaxy running 4.1.2 doesn't have the thing installed and appears t be safe currently. I guess we are supposed to do periodic checks?
S
by S####:
by S####:
This proof of concept app is poorly done, probably not well tested, and actually will tell vulnerable phones that they are safe. Not to be trusted. A security company really should invest in better testing before releasing an app and stirring up some dirt and false claims that some Android versions are safe when it's their terrible app not properly executing the vulnerability.
S
by S####:
by S####:
Both say the app is safe to install. If this is true why am I even paying for both antivirus program!!!
U
by U####:
by U####:
I currently have a Samsung S5 and I was getting the message that my device had the vulnerability. After a few fruitless efforts I uninstalled both the dummy and patch and re-installed the patch but instead of opening the patch through the Google Play store I closed out my browser and opened the app via the shortcut on the phone then followed the instructions on the video. Maybe it was just blind luck but hopefully this helps someone.
S
by S####:
by S####:
It says that Android 5.1 has the vulnerability. A broken security app really undermines the credibility of this security research company.
Q
by Q####:
by Q####:
It installed and ran fine, but it says I have the vulnerability. Verizon Samsung Galaxy S4 running 4.4.2. This contradicts the app description which says that the vulnerability was patched on version 4.4 and up. Is this an issue with Verizon's 4.4.2 not incorporating the patch, or is this an issue with this particular app not working the way it was intended? I don't know!
S
by S####:
by S####:
Have 4.4.2 and it says I have the vulnerability. Is this a false positive?
L
by L####:
by L####:
I just tried this on my Nexus 7 with 4.4.4 installed. The device is unlocked and rooted. The side app was installed. So, where is the patch?
S
by S####:
by S####:
Running Android 4.4.2 on my Galaxy S5, and the app says the phone HAS the vulnerability....so what do I do now??!
W
by W####:
by W####:
To all the people saying it's false is wrong. I did the test and when the Apk try to install it says parsing error. And that wonderfully. Thsnks
S
by S####:
by S####:
But you do have to allow downloads from unknown sources in settings. Otherwise,the dummy app can not be loaded for the test. Make sure to change your settings back after you run the test! (-:
S
by S####:
by S####:
I am running 4.4.2 on an LG G2 and it still shows that it is vulnerable. Either this program doesn't work or 4.4 is not fixed yet.
I
by I####:
by I####:
Great app! Was able to patch the vulnerabilities Bluebox Security Scanner, and adjust app settings. No vulnerabilities discovered after the patch, excellent app, great work! Running CM11.
R
by R####:
by R####:
According to info listed, my version 4.4.4 should not be vulnerable, bit their test says it is. I ran it a second time and it said my Moto X 2013 was secure. I ran it a third time and it came up vulnerable again.
S
by S####:
by S####:
To those who are wondering what to do if their device is vulnerable like me,it's better follow the link posted in the description of the app and you will see that there is nothing much you can do about it,only some safety procedures to be followed :'(
R
by R####:
by R####:
Didn't work
by S####:
I love it bcz it save my phone. Thanks a lot Admin n also thanks to Hindustan who tell me about this app.