I picked up a new phone from NTT Docomo this weekend, and being my paranoid self, immediately opened the notifications/permissions settings for every app it came with.
Something caught my eye because of its name: Appcloud
I had not heard of this before seeing it in the list. I found it strange that there seemed to be a cloud-related app that wasn't branded with any cloud services I am familiar with. Also, NTT Docomo uses the Play Store and their "docomo application manager" for their junk apps and doesn't need a separate cloud.
The application package on my (android) phone is com.aura.oobe.ntt, which indicates it is tailored for my carrier to preinstall on their phones (as opposed to my phone's manufacturer, which is Sony). The issue is well-reported on Samsung phones, and they seem to be preloading theirs from the factory (com.aura.oobe.samsung).
ie, among all the other junk NTT Docomo loads a new phone up with as they push "agree" on thirty different things without explaining any of them to you is apparently this wildly dangerous piece of malware.
This is the only app I have ever known to delcare "No permissions denied" for its list of permissions. It can do literally anything at any time.
This application is known to install uknown apps without asking for permission.
It's also got a sketchy background.
There are of course, other points of view. I had found a Japanese youtube video about how it's a legitimate interest app that forward-installs scrappy developer's apps on your phone (without asking) as a kind of advertising, which generates revenue for whoever installed it; unfortunately I did not keep that link.
I'm still working on a solution for myself. At the moment, it seems fine to disable its notifications and disable the app itself.
I may use ADB to remove it from the phone entirely, but given that the carrier is installing it, it could be reinstalled by an update in the future.
by quequotion