I saw on the news (and verified on several news outlet websites) that there is a new malware that fools users into thinking it is an update of their Android system.
Is this new malware already detected/blocked/fixed by Avast?
I got the popup and skipped out of it, and have not used the tablet since as a precaution except to install Avast on it. But when I looked at the System/Update menu I did notice that there is an update pending. Is this a safe O/S update or is the malware so embedded that it shows up in the System/Update menu?
Are there any other precautionary steps I should take short of re-imaging the tablet back to factory settings?
I don’t know much about the particular malware and I am no malware expert, just that it popped up in the news a couple days ago saying that it impersonates a system update in order to gain access to features. This is one article describing it: https://techcrunch.com/2021/03/26/android-malware-system-update/
The device is a Samsung tablet that is only about a month old. The only apps I installed on it were from Google Play, were very few and they were only apps that I used in the past on other devices without ever having security issues.
I did use the tablet at an airport before installing Avast. On that occasion the antivirus/firewall on my laptop detected and blocked an attempted portscan. If the tablet has been infected it is possible that it happened at that time through some port’s vulnerability.
A day or two after going through that airport the tablet indicated I needed to apply a update, specifically:
Version: T500XXU3AUC6 / T500OXM3AUC6
Size: 247.73 MB
Security patch level: March 1, 2021
The first time I skipped out of it by hitting the tablet menu button. Today it just prompted me to do the update again, telling me I can skip the update one more time. This time I restarted the tablet. It is now telling me the update will be installed automatically at 10:23AM on March 31, 2021.
After skipping by pressing the circle icon, I checked with the III icon to see if any apps were running, none shows as running.
KEY QUESTIONS:
(1) Is this a sign of infection, or is it the normal behavior of Samsung Galaxy Tab A7 tablets?
(2) Is it safe to manually launch the update from the Settings app.
(3) Does Avast already block the Android malware indicated in the article that I provided a link for.
(4) Would a factory reset truly bring me back to the tablet’s initial state, or would it retain any infections already present?