Detection: potentially unwanted application...meaning what?

  • Hello altogether :)

 

I am using F-Secure Mobile Security v17.0.013502 FS_GP. It should be up to date.

I just received a detection message on my Android tablet. It mentioned a detected problem (potenially unwanted application) described as "Android/Riskyapp.4ac8b0b563!Online".

Beside the application name, packet name and size, this is all I get to know. I installed this game a while (months) ago and a recent update might have triggered this.

Information about what makes this a "risky app" is missing and I could not find anything online either.

The application/game is called "Last Day On Earth: Survival" and the detected packet is named "zombie.survival.craft.z".

 

Does anyone know what makes this app potentially unwanted? What is the risk in having this game installed?

 

I would like to understand the implications if of keeping it, as the "risk" might be worth it.

I checked the access permissions and do find this at the lower end of the risk rating list.

 

@f-secureTeam: Information about detections by F-Secure software (all Platforms/Products) is a general Problem. Are you aware of this or am I the first and only one to mention this? Smiley Indifferent

 

Thanks a lot in advance and best ragards

CW-FS

Comments

  • LakshLaksh Posts: 4,442 Community Manager

    Hi CW-FS,

     

    It is best to get in touch with our labs via the Submit a Sample page to get more information regarding your detected sample. If you are suspecting it to be a false positive, they should be able to analyze it further.

    Ukko
  • UkkoUkko Posts: 3,184 Superuser

    Hello,

     

    Sorry for my reply. I'm also only F-Secure user (their home solutions);

     

    About F-Secure detection's design -> possible to read such articles/pages:

    https://www.f-secure.com/en/web/labs_global/classification

    https://www.f-secure.com/en/web/labs_global/potentially-unwanted-applications


    And I able to think that your detection """Android/Riskyapp.4ac8b0b563!Online"."" can be with next view:

     

    --> Android/Riskyapp is general meanings for Android-platform; And if "Riskyapp" is not popular name for type of adware/malware/PUA --> so... this is indeed just risky app; For example, when not known (or not good known) application for F-Secure able to do things as known potential riskware;

     

    --> 4ac8b0b563 is certain hash for this application (or maybe certain trigger for detection);

     

    --> !Online based on F-Secure Security Cloud detection (more as rating/reputation detection);

    So - when this is comes for "known" application - most likely it can be false positive;

     

    Maybe fresh update for this game will break previous 'known' reputation/rating under F-Secure Security Cloud; And some parts of application can be potential unwanted (with some meanings); OR more good to say -> with some risks for user's device (?! like direct network connection between devices or so, as example); Also maybe this detection related with Application:Android/Generic.variant!Online (where possible to read some examples/meanings of risks);

     

    As it was suggested by official F-Secure Community Manager -> good to contact F-Secure Labs;

    With F-Secure SAS possible to transfer .apk (?! maybe) or just screenshot from Play Store (or all this information from your topic); I able to think that they will just re-rate (drop false positive detection), but good to receive proper explanation about potential risks-status anyway (what trigger there was)!

     

    Thanks!

This discussion has been closed.