Will Avast detect WebWatcher

Avast Mobile Security Avast Mobile Security for Android
1

Will Avast for Android detect WebWatcher (By Awareness Technologies) if WebWatcher is installed before AMS.

By design, WebWatcher is undetectable and thus cannot be tampered with or removed by kids/employees (who are often tech savvy). It does not appear in the App Manager.
2

Hi, thanks for bringing this up.

We don’t detect it as harmful at the moment, but our Virus Lab guys have focused on it and today they are analysing it, later on they will decide whether to add it or not. There is no reason why we should not be able to detect it, once/if there is a detection for this application in place.

3

Thanks for your feedback, vizkova!

It’s definitely a PUP - as if it is on a phone where the user does not know that it’s installed, it is invasion of privacy.

There are reports of people who have had their phone “infected” by “friends” or spouses when borrowing the phone “just to check a website” for less than two minutes.

While there are legitimate uses for this application, the (potential) violation of privacy should be made known to the user.

4

Hi Thomas, agreed.

If you have had any issues with it, I am also forwarding a piece of advice on how to get rid of it:

This app is used for monitoring some features of the target phone such as SMS, photos, etc… It has two parts - a downloader/installer and a spy thingy.

There’s nothing much magical about it, since all the installer does is that it actually downloads an additional apk (the spy thingy), that gets installed with a very inconspicuous name of “com.android.providers.internal.” (actual package name is “com.ati.client”). The whole idea is believing that no one will voluntarily uninstall an android-whatever-system-like app. The installer itself then gets uninstalled and only the “com.android.providers.internal.” spy thingy remains on the device.

It isn’t however protected in any special way and the “com.android.providers.internal.” can be manually uninstalled via the Settings->Apps->“com.android.providers.internal.”->uninstall process.

5
If you have had any issues with it, I am also forwarding a piece of advice on how to get rid of it

Thanks - I’ve not had any issues with this myself - but it’s good to know that people Googling it might now get an advice on how to manually detect, and remove this “App” :slight_smile:

Hope it is included in the scanner :slight_smile: