EAV8 2 Posted December 5, 2014 Share Posted December 5, 2014 Hi all, Any reason for this? ESET now detects MIT AppInventor2 apps as PUA Link to comment Share on other sites More sharing options...
EAV8 2 Posted December 10, 2014 Author Share Posted December 10, 2014 5 days and no answer? Link to comment Share on other sites More sharing options...
SweX 871 Posted December 10, 2014 Share Posted December 10, 2014 Hello, 1. You could upload the file to virustotal.com to see if some more vendor detect it as a PUA or something else, and post a link with the results here. 2. You could post a link here from where you are downloading it incase someone wants to check it out. Link to comment Share on other sites More sharing options...
EAV8 2 Posted December 10, 2014 Author Share Posted December 10, 2014 All app inventor 2 apps are detected as PUA now by ESET. Even a simple "hello world" app. Link to comment Share on other sites More sharing options...
rugk 397 Posted December 10, 2014 Share Posted December 10, 2014 (edited) If this really happens then it's quite strange, because app inventor is a legitimate software and I don't know why it should be PUA. Could you upload an example apk and paste the link to it here? Then upload it maybe to virustotal to check from who it is detected there. (Although you shouldn't rely on this, because virustotal isn't designed for such tests) Additionally: What name does EMS (I think you tested it with EMS...) give the "threat"? Edited December 10, 2014 by rugk Link to comment Share on other sites More sharing options...
EAV8 2 Posted December 10, 2014 Author Share Posted December 10, 2014 ESS detects it as "a variant of Android/Appinventor.A" Right now I can't upload a simple apk to virustotal, but you can find many virustotal links with this detection. A simple google search: https://www.virustotal.com/en/file/79b0cbbee52ac84e607885405cd627b173c392c0f39556d5d570d97e0432fe7b/analysis/ Also, if you want to see it by your eyes, you can go to app inventor website and create a simple app, in some seconds. Thanks for the answers Link to comment Share on other sites More sharing options...
rugk 397 Posted December 13, 2014 Share Posted December 13, 2014 (edited) Okay, at first I tried to look for a description on the virusradar site, but there seems to be an error with the Android/Appinventor entry. If you click on the descriptions you will only be redirected to the page for the latest descriptions and you won't see any description for this detection. But I did what you say and created my own small apk. And when testing the detection with ESS and EMS I found something important out! This apk was detected as as a potentially unsafe application - don't confuse this with a potentially unwanted application (PUA)! (When we use the abbreviation PUA here it means normally "potentially unwanted application" and not "... unsafe ...") In the second pictures you can see a short description of a potentially unsafe application - it is legitimate, but it can be misused. And just FYI (and as an information for ESET): The link "more information online (only in English)" only shows the "homepage" of the ESET knowledgebase, so I don't get any more information and I also didn't found a specific kb article about "potentially unsafe applications" in the kb when searching manually. I don't know how exactly this apps can be misused - maybe they cause a security risk somehow... I don't know how this created apps work, so I can't say how they can be misused... BTW the apk is detected on virustotal from ESET too, but in this test no other vendor detected it. VSD versions I used: ESS: 10873 EMS: 5265 Edited December 15, 2014 by rugk Link to comment Share on other sites More sharing options...
Recommended Posts