In a developing case, Meizu fans in Italy have discovered that Meizu’s Flyme OS has malware infecting certain built-in applications.
A long time Meizu fan in Italy has been doing some digging in to Flyme OS and has discovered that applications in the custom Android system are infected with malware and malicious code.
Apparently the latest beta system of Flyme has a few different viruses which have been spotted using VirusTotal. Another test from a few month back shows that similar malware was also found in a previous Flyme version.
Gizchina News of the week
Meizu haven’t made an official statement about the reason for the fishy looking code, but their Italian distributor claims that the results are false. Meizu fans are now looking in to the issue and it seems AVG have been approached to confirm the scan are accurate.
If the reading are accurate then why has the Flyme team purposely done this? Well perhaps this ‘malware’ is actually code found in only beta versions of Flyme OS which can send information back to the developers about usage, crashes, bugs etc automatically?
Whatever the reason be aware that at least the latest Flyme Beta is showing these symptoms and they could result in higher data usage, battery drain and may even be able to share your personal info with Meizu’s servers.
More details and screenshots of various tests can be found on Meizufans.eu.
If you look you’ll see that the detection rate is 4/57 in the screenshot posted. That’s usually not a very clear indication that something is really wrong with the code.
Luckily APKs are easy to open up and decompile with things like apktool, dex2jar and then jar decompilers ( cfr, procyon ) so if anyone’s really interested they can take a look. I assume it’s in the java part of the APK, if it’s in some included native .so libs then something like IDA will be needed to take a look.
I will be more concern if Kaspersky is reporting something, but other av companies does false positive most of the time. Another point is it doesnt mean a virus or backdoor everytime something is detected, sometimes it just mean it has potential to harm a system . This potential is not proven 100% of the time.
It’s worry some anyway.
Not a single AntiVirus should alarm on a system application.
But yeah. It’s still uncertain weather it’s a security issue or not.
Yeah indeed. I haven’t heard any comment yet from Meizu’s side yet. I only read comments that meizu.eu is just hating thats why they comment like that. And i heard it only was detected on the flyme 5 beta versions and not on stable 4.5 old version.
I hope meizu fix and update flyme now. Im hoping for marshmallow version of flyme coming…with full disk encryptions enabled
In Flyme 5 stable too and in flyme 4.5 mzaccount is detected like an riskware. Just upload the app on VirusTotal.
I think Meizu won’t commend on it and that’s a smart move ( … but they probably just don’t care )
The only worry was if the closed beta testers leaked a Beta, what we didn’t.
And meanwhile AVG is still looking into the matter.
I’m my opinion it’s likely to be no virus. But simple the fact that FlymeOS uses homemade (Chinese) frameworks for System apps… instead of Google frameworks (sevices).
That means I don’t think it’s a virus, but part of replacing Google in China. But that’s just my thoughts, no guarantee.