Sideloading is one of the most common causes of Xiaomi smartphones getting infected with viruses, spyware and adware Trojans. APK-files knowingly, malware can enter a device through fake updates, hacked games or phishing sites. Unlike Google Play Protection, which scans apps from an official store, files from external sources are often left unchecked.
Xiaomi has built several layers of protection into the MIUI shell, but they are not always active by default. For example, some models (Redmi Note 12 Pro+, POCO X5 Pro) allow APK installation through a browser or file managers, which creates a loophole for attackers. In this article, we will discuss how to completely block installation from unknown sources, from standard Android settings to hidden MIUI functions and even editing system parameters for advanced users.
Why itβs important to disable APK installation from unknown sources
According to Kaspersky data for 2023, more than 30% of mobile viruses spread through manual installation of APK.
- π± Stealing data: passwords, bank details, photos and correspondence (for example, the Cerberus Trojan, masquerading as an update for WhatsApp).
- πΈ Sign up for paid services without your knowledge (Joker-type viruses are sent to you) SMS short-numbered).
- π Remove the battery and heat the processor with hidden cryptocurrency mining (e.g. HiddenMiner).
- π Show irremovable ads over all windows (advertisements like Shuanet).
Devices with unlocked bootloader or root rights are particularly vulnerable. Even if you are confident of the APK source, an error in the application code can lead to data leakage or conflict with MIUI system processes. For example, the popular Nova Launcher launcher in the pirated version often contains backdoors for remote control of a smartphone.
β οΈ Attention: On Xiaomi smartphones with firmware MIUI Global (e.g. Redmi) 10C, POCO M5) default installation allowed APK This means that any downloaded file with the.apk extension can be run in one tap without additional confirmation!
Method 1: Disconnect via standard Android settings
The easiest method is to use Androidβs built-in security options, which work on all Xiaomi devices, regardless of the version. MIUI (Instructions are relevant for Redmi Note 11 Pro, Xiaomi 12T, POCO F4 GT others.
Steps:
- Open Settings β Applications β Special Access Rights.
- Select Install Unknown Applications.
- You will see a list of programs that are allowed to install APKs (e.g. Chrome, Files, Telegram).
- Slip on each application and move the slider to the position "Prohibit".
After that, no.apk file can be installed through these programs, but there is a caveat: some system applications (such as Software Update) may again request permission. To avoid this, use method 3 (lock through MIUI Security).
βοΈ Security check after disconnection APK
Method 2: Use of MIUI Security (Security)
The MIUI shell has its own security application (MIUI Security), which offers advanced security settings, which is suitable for devices with MIUI 12.5+ (for example, Xiaomi 13 Lite, Redmi K50 Pro).
Instructions:
- Open the Security app (the shield icon).
- Go to the Privacy Protection section β Special permits.
- Select Install Unknown Applications.
- Turn off permission for all apps except Software Update (if you trust Xiaomiβs official updates).
MIUI Security also has a Virus Scanner feature that can be manually run. However, it is less effective than Google Play Protection, so don't rely on it alone. For maximum security, combine this with Method 4 (edit build.prop).
| Locking method | Level of protection | Need root? | It's good for MIUI. |
|---|---|---|---|
| Standard Android settings | Medium. | No. | All versions. |
| MIUI Security | High-pitched | No. | 12.5 and newer |
| ADB-team | Very tall. | No. | All versions. |
| Editing by build.prop | Maximum | Yes. | Any (requires root) |
Method 3: Blocking through ADB (without root)
If you want to completely ban APK installation at the system level, but are not ready to get root rights, you can use ADB (Android Debug Bridge), which works on all Xiaomi smartphones, including the POCO X3 Pro, Redmi 9A and others.
You'll need:
- π₯οΈ A computer with installed Xiaomi drivers and ADB.
- π± Included debugging by USB on a smartphone (Settings) β The phone. β Version. MIUI β 7 times tap to unlock the developer's settings).
- π USB-cable (preferably original).
Commands for lockdown:
adb shell settings put global install_non_market_apps 0
adb shell pm disable-user --user 0 com.android.packageinstallerThe first command disables the installation from unknown sources globally, the second one blocks the APK system installer. To get it back, use:
adb shell settings put global install_non_market_apps 1
adb shell pm enable com.android.packageinstallerβ οΈ Note: After completing these commands, you will not be able to install any APK, including legitimate ones (such as APKMirror or beta versions of applications).To circumvent the restriction, temporarily unlock the installer through the ADB.
π‘
If so, ADB-command APK still possible, check for applications with rights REQUEST_INSTALL_PACKAGES. They can be found through the adb shell dumpsy package and removed manually.
Method 4: Edit build.prop (root only)
This is the most reliable way, but it requires root rights and is only suitable for power users, and the method is to modify the system file build.prop, which controls the parameters of the firmware, suitable for MIUI of any version, including custom firmware like LineageOS or Pixel Experience.
Instructions:
- Install a file manager with root support (such as Root Explorer or FX File Explorer).
- Go to /system/build.prop and back up the file.
- Add a line to the end of the file: ro.allow.mock.location=0 persist.security.apkenable=0
- Save the changes, restart the device.
After that, the installation of APK from unknown sources will be blocked at the Android kernel level, and the restriction can only be circumvented by re-editing build.prop. However, be careful: incorrect changes to this file can lead to bootloop (cyclic smartphone reboot).
What if the phone is not turned on after building.prop editing?
Method 5: Using third-party antiviruses with APK blocking
If you need not only installation lock, but also active protection against threats, you can install an antivirus with APK control function.
- π‘οΈ Bitdefender Mobile Security β Blocks the Installation of Suspicious Security APK and scans existing applications for viruses.
- π Malwarebytes β specializes in spyware and adware virus detection.
- π± Kaspersky Internet Security β has a module βPhishing Protectionβ that prevents downloading malicious files.
How to set up a lock in Bitdefender:
- Install the app from Google Play.
- Go to Settings β Threat Protection β Lock the installation.
- Activate the option βProhibit installation from unknown sourcesβ.
The downside of this method is that antiviruses consume additional resources (especially noticeable on budget models like the Redmi A1+), and they can not guarantee 100% protection: some viruses (for example, Anubis) masquerade as legitimate applications and bypass scanning.
π‘
Side-side antiviruses are convenient, but do not replace system security settings. Always combine them with blocking through MIUI or ADB.
What to do if the virus is already installed
If you suspect that your Xiaomi already has malware, follow the algorithm:
- Turn off the internet (mobile data and Wi-Fi) so the virus canβt send data.
- Go to Settings β Apps and check the list of installed programs. Pay attention to applications with unfamiliar names (for example, System Update, Flash Player are frequent masks for viruses).
- Delete suspicious programs. If the Delete button is inactive, it is a sign that the virus has acquired administrator rights.
- Go to Settings β Passwords and Security β Device Administrators and uncheck the checkboxes from unknown applications.
- Perform a full check through Google Play Protection (Settings β Google β Security).
If the virus does not remove or blocks access to settings:
- π Reset your smartphone to factory settings (Settings) β The phone. β Resetting settings).
- π₯ Fastboot the device (instructions for your model look at the XDA Developers).
β οΈ Note: Some viruses (e.g. xHelper) recover from reset if system partitions are infected, in which case only a full flashshot erase userdata will help).