This recent story appeared on Slashdot regarding various malware apps that had invaded the Android Market. Google quickly removed them (and I was not infected - I don't typically download apps), but I was curious - would a factory reset fix the problems that this malware caused (including rooting)? If so, why not?
Answer
For that/those particular piece(s) of malware, the answer is probably yes.
A factory reset does not completely undo rooting, especially with the more "invasive" methods used for a few hard-to-root devices. A simple/common exploit like the ones probably used in these rogue apps is less likely to allow them to persist.
A factory reset should also wipe out installed apps (including the malicious ones) or, if they're stored on the SD card or something, at least reduce them to uninstalled apps just sitting there -- and they can't do anything unless the user reinstalls them.
Factory resets generally leave the /system partition intact, however, and any malware could theoretically have replaced system binaries with malicious versions or something along those lines. To be on the safe side you would want to re-flash your ROM and not just do a factory reset.
No comments:
Post a Comment