The community forum

Join the conversation

Android Pie: two step update or malware?

Hi,


I've got a TA-1055 bought on Amazon.it. Tomorrow I receveid two notifications about system update. I was under Oreo 8.1 with september security patch.

The first notification was quite strange and different in terms of graphic layout (sorry I haven't a screenshot, my fault). It stated that it would download and install september security patch (that I already had) reporting a build number 2220.b02. It was about 50MB. I decide at first time to ignore this notification but the popup repeated several times asking me to install.....

Suspecting a malware infection I did a check with MalwareBytes Antimalware, Play Protect on the play store and MCAfee Total Protection....no malware found.....

Then I did a factory reset to the phone: while the phone was reinstalling applications the pop-up came up another time.


Before accepting the installation, I tried to enter Settings and do a manual update check...that found no updates available at all.

The popup icon was a cloud with an exclamation mark inside. Due to the 3 positive security application response above and the factory reset, I decided to accept the installation of this 50mb patch. After a couple of minutes a popup on the home screen asked me to accept reboot or postpone it...i decided to reboot....

Phone rebooted normally....entered the sim card pin....and in a matter of secs the standard system update notification this time notified me of Android Pie 9.0 version build 3.22C.


Now Pie is fully installed on my phone...I'm happy but as you may imagine I'm quite worried about the first installation. I think that no malware, if it was a malware, can survive to a factory reset on a NON rooted phone.


Maybe a causality but it seems to me a two step update...maybe that the first update pushed some mandatory software to correctly download and install Pie 9.0 (like firmware, partition or bootblock update)....but it was deployed to my phone using a different layout-interface and with a wrong message stating it was the September security patch.


BTW the phone appears still malware free using the three security programs above.


Could someone @nokia have a look on their backend? I can of course send serial number and IMEI to a Nokia representative in a private message if needed.


Thanks a lot, Simone

 

Login to post a comment