The TROJAN built into most Android OS's.


Snailsoft

As some of you know, I've recently been hospitalized as a combination of my age, health issues, and the deadly heatwave that hit the area. I asked that my phone and tablet be allowed in so that I could do a little work and conversing.
Today, I was approached by a nurse's aide who wanted to discuss my having downloaded nearly a terabyte of data!
Say, what?!

I am accustomed to being on a CGNAT and behind layers of firewalls. The hospital has an open WiFi.
Upon looking over my tablet I found nothing out of sorts. This is my new Vortex upon which I do most of my modding.
I then looked at a device I didn't need but was brought anyhow, an old LG that I keep around strictly for use as a remote for all my other devices.
Even though I had removed many of the default apps and had a firewall (as I do on the devices), to my astonishment I found dozens of new games installed, massive in size, and every one of them a security nightmare.
Over 800GB in total, containing 50 anal-lytic spyware services, over 12,000 ad services, 2 remote administrative trojans, and all of them downloading other apps!!!
But HOW???

None of my apps approved to install an apk had been used in months.
My firewall registered nothing.
A 350MB version of Mahjong showed that it had been installed while I slept by something called Mobile Services, and refused to let me uninstall it.
I could not locate any such installer and began some research...

What's the purpose of a Mobile Services Manager?
Let's start with the basics of why you might have a Mobile Services Manager installed on your Android device. An MSM app is typically deployed on devices from a wireless carrier store or website. But they can be built into the Android operating system, depending on the model. Still, you'll likely see them from phones purchased directly through T-Mobile, Verizon Wireless, or AT&T. As with carrier-specific devices, you get many preinstalled apps and services unique to that wireless carrier. They each have their own.

The MSM app is there to silently download, update, and install all of those carrier-specific apps without you touching a thing. It also allows the wireless carrier to manage the features on your device (backdoor RA trojan). In theory, this ensures your device runs at peak performance by keeping it up to date, but it may not always work out that way. Having an MSM app can be intrusive since the carrier can use it to install apps you don't want that are typically corporately sponsored, which can be a pain to deal with.

Since bugs, glitches, and errors exist, running these services in the background can cause more harm than good. Aside from potentially being intrusive, an MSM app can make your device performance choppy, crash the system, or negatively affect your overall battery life, as well as burn up data and cost you money. Ideally, you want your device experience to be bug-free, but you may not have a say. It's up to your wireless carrier to properly manage the MSM app to keep things running smoothly, and you may have to wait for them to fix problems in some cases, assuming the unwanted app isn't intentional.

Can you deactivate the Mobile Services Manager app?
The answer varies since many wireless carriers, Android device manufacturers, and model types exist. Some devices allow you to turn off or completely uninstall the Mobile Services Manager app. You can go into the Settings app and locate the section where it shows your installed apps, then search for "mobile services manager." Open the app listing and remove it using the built-in system uninstaller method. However, the more likely story is that you either can't find the app or can't remove it using conventional methods. This is because the app is often cloaked and at the system level, which isn't even viewable without root.

You might have to turn on the Show system apps option in your settings menu, but it still may not appear for some afterward.

Sometimes, the wireless carrier prevents you from touching the MSM app using the built-in app uninstaller method. There's no guarantee that you can turn off or uninstall the MSM app from your device without tapping into the power of ADB commands or having full root access.

It can go by different names under different versions.
Previously called DT Ignite (or just Ignite), it can and does install apps without your permission as instructed by your carrier. This is in addition to the apps installed on first boot by ConfigAPK (android.autoinstalls.config.samsung) and is guaranteed to just be bloat.

Perhaps the most terrifying aspect of MSM is the fact that it has such a high priority, and is a cloaked system app, that it can bypass any form of security app you install and it can pass those onto the apps it installs. Mahjong didn't appear in the applications list; rather, it was in the hidden system apps.

The package name is com.LogiaGroup.LogiaDeck and was found on my device under /system/carrier/priv-app/IgniteVerizon/IgniteVerizon.apk. Without root, you can't delete this package from within Android, however, you may be able to remove it using the Universal Android Debloater as I did. That requires the use of a PC and data transfer cable. I need to have a laptop brought in and a bag of old cables as the LG uses a mini-USB while the laptop uses USB-C.


After 3 reboots and 5 hours of monitoring, it would appear that this very dangerous trojan has been eliminated from this device.

When I get home, I will have to examine all my Android devices.
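
An added example, not part of the original post: one way to run the check described above over ADB, by reading the installer that Android records for each package and listing everything installed by `com.LogiaGroup.LogiaDeck`. The sample listing and the `com.example.*` package names are constructed; the carrier package name may differ on other devices.

```shell
#!/bin/sh
# Installer package named in the post (DT Ignite / Mobile Services Manager).
MSM_PKG="com.LogiaGroup.LogiaDeck"

# Constructed sample of `adb shell pm list packages -i` output (not from a real device).
SAMPLE_LISTING='package:com.android.chrome  installer=com.android.vending
package:com.example.mahjong  installer=com.LogiaGroup.LogiaDeck
package:com.example.slots  installer=com.LogiaGroup.LogiaDeck
package:com.android.settings  installer=null
package:com.LogiaGroup.LogiaDeck  installer=null'

# Print every package whose recorded installer is $1; the listing is read from stdin.
installed_by() {
    tr -d '\r' | awk -v want="$1" '
        /^package:/ {
            pkg = $1; sub(/^package:/, "", pkg)
            inst = ""
            for (i = 2; i <= NF; i++)
                if ($i ~ /^installer=/) { inst = $i; sub(/^installer=/, "", inst) }
            if (inst == want) print pkg
        }'
}

# Succeed only if package $1 (exact name) appears in the listing on stdin.
has_package() {
    tr -d '\r' | awk -v p="package:$1" '$1 == p { f = 1 } END { exit !f }'
}

# Live check against a connected device: run this script with --device.
if [ "${1:-}" = "--device" ]; then
    listing=$(adb shell pm list packages -i)
    if printf '%s\n' "$listing" | has_package "$MSM_PKG"; then
        echo "$MSM_PKG is present. Apps it installed:"
        printf '%s\n' "$listing" | installed_by "$MSM_PKG"
        echo "Per-user removal that works without root:"
        echo "  adb shell pm uninstall --user 0 $MSM_PKG"
    else
        echo "$MSM_PKG not found on this device."
    fi
fi
```

Preinstalled system apps normally show `installer=null`, so the installer package itself will not appear in its own results.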
 

LadyOnePunch

The UAD is a very good tool I've been using for a long time (y)

In the last few months I have been able to observe that the distribution of so-called "RAT" source code for Android has increased sharply, especially on Telegram, which means that, for example, MODS from unsafe sources are affected even more often, as the instructions for implanting these codes are freely available with instructions. Please be careful where you download.
 

Daniel

Slightly off-topic but following on from our previous post @Snailsoft, even though Android is open-source, OEM manufacturers, carriers and Google itself keep a very tight leash on Android. Wonder what unknown sources are involved in this data collection process. Oh and did we forget iOS? 🤷
 

Snailsoft

Daniel said: "Slightly off-topic but following on from our previous post @Snailsoft, even though Android is open-source, OEM manufacturers, carriers and Google itself keep a very tight leash on Android. Wonder what unknown sources are involved in this data collection process. Oh and did we forget iOS? 🤷"

I've been coding away at Android for just over a year, and even with as tight as my security is, as this post demonstrates, these corporations (not hackers or modders) are at fault for some of the most dangerous malware in Android. That they intentionally cloak it says that this is something they didn't want found.
Android is still a fantastic platform for portable devices, but make no mistake, monopolies like Google are no better than Micro$oft.

As for iOS... I try my best to forget about it LOL
Honestly, for me, I just don't have one so I don't bother with it.
If someone wants to donate a decent one to me I'd be glad to dig into the OS and see what is lurking underneath.

Then again, I did just cr@p all over Google's mega million dollar investment into PairIP by completely removing it from an app.
Do I really want Micro$oft, Google, and Apple gunning for me?....

YES!!!
 

porsoli

This article reminded me of your recent issue.

hxxps://www.bleepingcomputer.com/news/security/google-sues-to-disrupt-badbox-20-botnet-infecting-10-million-devices/
 

simexistdumm

Corporates bloating your device after receiving hundreds of bucks for your phone.. that's just wild
 