Supposed Rooting Tool Offers Survey, PUP

Supposed Rooting Tool Offers Survey, PUP

In spite of foreseen security risks one may encounter when using a rooted mobile device, some users still opt to have full control of their operating systems for the purpose of personalized customization and installation of third-party apps that are not allowed under normal circumstances.

A number of rooting options are available for potential rooters that they can choose from, depending on their device’s hardware and OS version. When it comes to trying out tools, choose only those that have been tested and recommended by trusted sources online in order to avoid falling for scams or installing software that you never asked for, or both.

Such is the case of rootandroid-online[DOT]com, which we have spotted recently in the wild. It encourages visitors to root their Android devices “to make it Faster, Stronger, Better!”

click to enlarge

The page blurb is as follows:

Still not convinced why you should root your Android phone, tablet, or e-reader? Maybe you’ve seen online guides and other root programs that claim to be one click. We can assure you we’ve tested all of these programs and will put ours against any of them. Our Online Root Android tool simply is far more user friendly, supports a wider range of devices, includes many extra fail safes. Your phone cost you hundreds of dollars, and contains all your most valuable information. In this day and age your phone is basically your life. Why risk it with a rooting program that isn’t guaranteed or could damage the device? Use our Online Root Android tool now and your Android will be rooted before you know it!

Although this site is explicitly talking about its online tool, we can see that it is also offering a possibly different downloadable software. Before we look into that, let’s explore the online tool first.

click to enlarge

Once users click the Root Now button after entering their device model into the textbox provided and specify the version of their Android OS, they then see the page appearing to look like it’s in the process of verifying the data they entered, as you can see from the slideshow below:

At the end of the sequence, users are eventually requested to answer a survey in order to download the program this site purportedly recommends based on the data verified. It’s one of the showiest survey scams we’re encountered to date.

Next, that other software this site is offering from earlier. Clicking the Download Now button has resulted to the download of the file named SpottyFiles.exe from the domain, spottyfls[DOT]com. At this point, users should have already realized that this program is unrelated to rooting.

click to enlarge

If you think that “Spottyfiles” is a play of the word “Spotify”, then perhaps you may be right, dear Reader.

The site text reads:

Spottyfiles is a popular search tool and download manager which is really easy to use.

You just need to install the program, find the file you want and download it. Spottyfiles will handle your downloading task very fast. Being a user-friendly program with a well-organized interface, Spottyfiles is a natural choice for users in need of a trusty download manager.

Spottyfiles is being upgraded regularly and we encourage you to get the latest version of our program here.

Similar Spottyfiles domains are spottyfiles[DOT]com and spotty-files[DOT]com. These should be blocked as well.

Malwarebytes Anti-Malware detects the executable as PUP.Optional.SpottyFiles. Those interested on the finer technical aspects of the file can read all about it on this report.

Avoid sites offering online rooting tools. It would be better for potential rooters to do some research on the best tools they can use for their purposes and where they can download them from.

Jovi Umawing (Thanks to Steven)


Jovi Umawing

Knows a bit about everything and a lot about several somethings. Writes about those somethings, usually in long-form.