AndroidGood and EVOTips & DealsTutorials

What to do if your HTC EVO 4G was infected by DroidDream malware

Evo-lookoutThanks to the vigilance of our friends at Android Police, a nasty virus that's since been dubbed DroidDream was discovered to have sneaked into more than 50 applications in the Market (full list here).

The apps have since been pulled, but what made this malware so dangerous was that some instances of it were hidden in pirated apps that were re-introduced into the Market, which means the potential to trick users into downloading/installing them was very high. DroidDream itself was already despicably devious, with the power to root your HTC EVO, send sensitive data like your IMEI and IMSI to a remote server, silently install other apps, and possibly steal other information, but the fact that it was hidden inside stolen apps from respectable developers is downright deplorable.

So what do you do if the malware with the heavenly name has dragged your EVO down into hell? Other than change your online passwords, inform your contacts that their personal information may have been stolen, and maybe place some sort of fraud alert warning on your credit report (depending on how much info was on your EVO in the first place), you can keep reading.

If you aren't sure whether DroidDream has forced its way into your EVO, then the best way to check is to grab Lookout Mobile Security from the Market and run a scan.


If anything is found, Lookout will clean it up and then protect you from "all instances of DroidDream."

If your EVO is rooted (tutorial here) and running a pre-Gingerbread ROM (Gingerbread is not affected), then you can take it a step further and wipe your EVO, reformat the SD card, go back to the stock ROM, re-flash whatever custom ROM you were on, and then flash this malware exploit patch put together by xda's Rodderick or just install the DroidDreamKiller app from the Market (no .zip flashing required).


Unfortunately, there's obviously no way to get back any of your personal information or other sensitive data that may have been compromised. All you can do now is pay closer attention to what you install on your EVO, monitor your credit reports, carefully review your credit card and bank statements, change your passwords, and pray that something like this doesn't happen again.

Update 3/6: Google is remotely removing the apps from affected devices, undoing the exploit, and working on additional security measures in the Market. [Google Mobile Blog] Thanks, Lotso!

Pocketables does not accept targeted advertising, phony guest posts, paid reviews, etc. Help us keep this way with support on Patreon!
Become a patron at Patreon!

Jenn K. Lee

Jenn K. Lee is the founder of Pocketables. She loves gadgets the way most women love shoes and purses. The pieces in her tech wardrobe that go with everything are currently the Samsung Galaxy Note II, Sony Tablet P, and Nexus 7, but there are still a couple of vintage UMPCs/MIDs in the back of her closet.

More posts by Jenn | Subscribe to Jenn's posts

Avatar of Jenn K. Lee