Check for hidden Android device administrators
Device Administration on Android is a powerful API that was first introduced in Android 2.2. It offers features at the system level which makes available features such as remotely wiping the storage on a device or enforcing password policies.
Apps that require Device Administrator privileges prompt users to do so and when users confirm the rights have access to the API.
You can check which apps have these rights on any Android device running 2.2 or higher. To do so open the settings on the device and select security afterwards.
There you should find an option to open all device administrators on the device.Â Administrators are listed with their name and a short description of what they do. You also see if they are currently enabled or not, and can change the state there are as well.
One issue that Android users may have encountered in the past is that malicious apps exploited this. Some apps did not show up on the list even though they had the same privileges and should have been listed on the device administrators page.
Trend Micro's Hidden Device Admin Detector has been designed to scan the Android device for these hidden administrators.
The app itself is dead easy to use. Simply tap on the "click here to scan" button to run a quick scan for hidden administrators on the device.
The scan should not take long and will run its course if no hidden administrators are found.
If it discovers a hidden administrator it will prompt you directly given you the option to deactivate any hidden administrator on the system.
To do so remove the checkmark from the box and confirm the prompt that appears afterwards.
If you are interested in learning more about malware that exploits this head over to the Trend Micro blog where you find detailed information about malware that exploited this last year.
I cannot say if this issue can still be exploited by malware or not in recent versions of Android. Considering that many are still running older versions of the operating system on their devices with no chance of ever getting an upgrade, it is at least something that is interesting to them.
The app itself requires no special rights so that it won't hurt to run it.Advertisement