Mobile Security

McAfee Hidden Device Admin Detector – Free Protection from Android Malware

By on Jun 28, 2013

A few weeks ago, we told you about Obad, a backdoor Trojan that targets the Android operating system (OS). What differentiates a Trojan from a traditional virus is that this type of software attempts to masquerade as something useful in order to trick users into opening the file and then leaves a backdoor open so attackers can access your data at any time. This Trojan affects all Android OS users, and it is strongly recommended that you address this flaw immediately!

What does Obad do? 

Essentially, Obad enables the downloading of malicious apps onto your Android device right under your nose – these apps have the dangerous ability to take advantage of your device’s administrator capability without your knowledge. The apps are created so that they don’t show up in your device’s admin screen, ultimately preventing you from uninstalling the app even if McAfee Mobile Security identifies the app as a malicious one.

New from McAfee – the McAfee Hidden Device Admin Detector, part of the McAfee Mobile Innovations app and now available on Google Play, protects your Android device from the Obad threat. Upon installation, use the app to scan your device for apps that have been granted device admin privileges, unbeknownst to you.

Obad FAQs:

Which devices are affected?
Any device running the Android OS carries the risk of being affected by Obad

How does it work?

1. It’s hidden.
Obad runs in the background of your mobile device so you may not know if you even have it or if you have unknowingly installed an infected app. It’s so well hidden that once Device Administrator privileges have been granted to the app, the malware, or malicious software, does not appear in the device administrator list, making it almost impossible to delete it.

2. It executes remote commands.
Devices infected with Obad can be controlled remotely by a Command and Control (C&C) server. Through a Command and Control (C&C) server, attackers are able to send commands and receive outputs from your device without ever alerting you. The attacker can send a variety of commands such as:

  • Making your mobile send unauthorized text messages (e.g. to premium rate numbers);
  • Downloading other malicious apps and installing them on your device;
  • Harvesting sensitive information (e.g. your contact list or capturing what you type on your device);
  • And acquiring the account balance.

How does McAfee Hidden Device Admin Detector work?
It scans and detects malicious apps that have been granted device administrator privileges and are hidden to prevent removal. The apps are then visible to you so that you may remove their device administrator privileges and then uninstall them from your Android device.

See screenshots below of McAfee Hidden Device Admin Detector in action:

2013-06-27 19.33.18 2013-06-27 19.33.28

Do I need to be a McAfee customer to be able to take advantage of this free app?
No. McAfee wants to ensure all Android users are safe, therefore, this app is available for free to all Android device users via Google Play.

Will the McAfee Hidden Device Admin Detector eventually be a part of McAfee Mobile Security?
Yes. We are planning to have it integrated as part of McAfee Mobile Security later this year, however, we wanted to make sure to have a solution that addresses Obad available as soon as possible for all Android users.

What is the cost of this app and how can I get it?
McAfee Hidden Device Admin Detector is available for free on Google Play, via the free McAfee Mobile Innovations App.

Don’t let your Obad take control of your phone and sensitive data – download McAfee Hidden Device Admin Detector today.

For future updates, be sure to follow us on Twitter at @McAfeeConsumer or on Facebook at