I added a brand new moto g5 phone to my Livesafe account and within 12 hours, after a McAfee update, it had alerted us to an unremovable read only malware file in downloads: Android/npinge.a!gen. Apparently it was from July 2013.
The only apps we had downloaded were Facebook Mesanger and the BBC iplayer, and through previous attempts to load McAfee, the free McAfee app. Although there was a warning of an automatic download that was 'too large' that I assumed to be a system update.
We've done a factory reset to see if the file will be removed but haven't had chance to run through the phone set-up again and reinstall LiveSafe yet.
Can anyone tell me if this was a true MalWare alert or a false return? And if it was real, why did McAfee not block it, and can it be removed if it's still there when we resetup the phone? We haven't even made any calls on the thing yet...
Thanks in advance.
It did block it, you say you had just added the phone to Livesafe or maybe the other way around, Livesafe to the phone.
It was probably old unsigned software and nothing to really worry about. Googling that particular one doesn't come up with anything conclusive so without a sample going to the labs, it would be impossible to guess at what it actually was at this stage.
Npinge is a known malware group so be careful downloading, opening email attachments from unfamiliar sources and get your apps only at the official store
Thanks Peter. Just to clarify, although Livesafe flagged it and said it couldn't be deleted, was it still blocked and safe to continue to use the phone? Could it have accessed any personal data via apps?
All apps were downloaded from the official app store, and the device hadn't been used to access any email, which is why I was surprised this appeared.