Android app flags Kingdom Rush game as infected

I downloaded the original Kingdom Rush game from the Google Play store. The Safe app says it is infected with "Android/Davitor.2524b30828!Online".
I think this is a false detection. Please investigate
https://play.google.com/store/apps/details?id=com.ironhidegames.android.kingdomrush&hl=nl
0 Like
Best Answer
-
Laksh Posts: 4,439 Community Manager
Hi AntoineH,
If you suspect it to be a false positive, please submit the sample to our labs for analysis.
5 Like
This discussion has been closed.
Comments
How can I submit a sample? It is an app on my phone that was installed via the Play Store. Not a file on my computer that I can upload via the form.
You can submit the URL of the app in the Play Store and they should be able to check it from that.
Hello,
Maybe possible to use workaround like:
--> Create screenshot of 'block'-screen (where visible package-name, detection-name) and attach it as "file" with additional information:
https://www.f-secure.com/en/web/labs_global/submit-a-sample#sample-file
Where do place URL to PlayMarket (as explanation that possible to download it; and that situation about certain this build).
--> OR get the Play Market URL to this application and transfer it as "URL":
https://www.f-secure.com/en/web/labs_global/submit-a-sample#sample-url
Where place more information about detection-name and that there is false-positive.
For example, such workaround I tried with next trouble:
https://community.f-secure.com/t5/F-Secure-SAFE/false-flagging-of-WhosCall-on/m-p/95557/highlight/true#M16922
based on your noted 'detection-name' and some Google search --> looks like that detection can be about some advertisements services/design of this game-application. And maybe only as 'PUA'-detection.
With any of meanings -> such detection can be with "back"-status after fresh update/build for game. Maybe possible to ask F-Secure Labs for proper validation about 'reasons' for such detection (not only currently, but globally). And if detection is reasonable -> maybe good to ask about options to exclude/ignore such notification.
Thanks!
I submitted the URL to the Play Store with some extra information.
Thanks sofar.
Sorry, I meant submit the app URL to the F-Secure labs, as mentioned above, so that they can check it and whitelist it.
Submit Sample
Yes, that's exactly what I did.
See that my previous post can be interpreted otherwise, sorry for that.