How to completely ban the installation of applications from unknown sources on Xiaomi Redmi

Installing apps from unknown sources on Xiaomi Redmi is one of the most common causes of infection of a smartphone with viruses, spyware or advertising software. Even if you are confident in the security of the downloaded.apk file, an accidental error or vulnerability in the system can lead to serious consequences, from identity theft to locking the device with ransomware. In this article, we will discuss all ways to completely ban the installation of APK from third-party sources, both through standard MIUI settings and with additional tools.

The feature of Xiaomi smartphones (including the Redmi Note 12, Redmi 10, POCO X5 and others) is that the manufacturer adds its own layers of security on top of standard Android features. This means that simply disabling the option in the settings is not enough – you need to take into account the nuances of the MIUI 13/14 firmware, the work of Google Play Protect and even the capabilities of ADB for deep locking. We will look at solutions for different scenarios, from basic protection to a complete ban with administrative rights.

Why it is important to ban installations from unknown sources

According to Kaspersky statistics for 2023, more than 60% of malware for Android is spread through.apk files downloaded from the Internet, not through Google Play.

  • πŸ” Fake apps: Fraudsters copy popular programs (such as WhatsApp or TikTok) by adding viruses or ad modules to them.
  • πŸ“± Vulnerabilities MIUI: Some versions of Xiaomi firmware have flaws that allow you to bypass source verification (for example, through the use of a different source). MIUI Package Installer).
  • πŸ’° Financial losses: Trojans like Anubis or Cerberus steal bank card details, wallet passwords and other data. SMS-code.
  • πŸ”’ Device lock: Ransomware (e.g. LeakerLocker) encrypts files and demands a ransom for unlocking.

Even if you download APKs from β€œreliable” sites (such as APKMirror or APKPure), there is no guarantee that the file was not modified during the download phase. In 2022, ESET researchers found that 15% of β€œclean” APKs from popular sites contained hidden advertising SDKs that collected user data.

⚠️ Note: On Xiaomi devices with bootloader unlocked, malware can gain super-user rights (root) even without your knowledge.This allows attackers to fully control the smartphone, including access to the device. TWRP and system sections.

Method 1: Disconnect via MIUI settings (Basic layer)

The easiest method is to use the built-in MIUI options. It is suitable for most users and does not require technical skills. The instructions are relevant for MIUI 12/13/14 on all Redmi models (including Redmi Note 11 Pro, Redmi 9A, POCO F4, etc.).

Steps:

  1. Open Settings β†’ Applications β†’ Application Management.
  2. Slip on the three dots in the upper right corner and select Special Access.
  3. Find Install Unknown Applications (in some versions, Install from Unknown Sources).
  4. You will see a list of apps that are allowed to install APKs (e.g. Chrome, Files, Telegram) and turn off the permission for everyone by moving the sliders to the position of Prohibit.

After that, the system will block attempts to install.apk through any application, but this method is not ideal:

  • ❌ Do not block the installation through ADB (developer-driven).
  • ❌ Maybe bypassed through MIUI Package Installer in some versions of the firmware.
  • ❌ Does not protect against installation through the Recovery (for example, TWRP).

All applications in the "Installation of Unknown Applications" section are disabled |

Attempt to install APK via Files ends in error |

Security settings enable "Google Play Protect" |

Xiaomi account is not tied to suspicious services-->

Method 2: Use Google Play Protect

Google Play Protect is a built-in antivirus from Google that scans all apps installed and installed, and while it doesn't block APK installation directly, it can prevent malware from launching.

Activation and configuration:

  1. Open Google Play Store β†’ click on the profile icon in the upper right corner.
  2. Select Play Protect β†’ Settings (cog in the top corner).
  3. Turn on the options: πŸ” Scan applications for malware πŸ›‘οΈ Improved protection against malicious applications (requires data to be sent to Google)

Play Protect

Scan.

Limitations of the method:

  • ⚠️ It does not block the installation, but only warns of a potential threat.
  • ⚠️ Viruses don’t update instantly – new threats may go unnoticed.
  • ⚠️ Some modified APK (For example, Lucky Patcher is bypassed by the inspection.

Only standard settings MIUI|

Google Play Protect|

Third-party antivirus (Kaspersky, Dr.Web, etc.)|

I don't use anything.|

I don't know what it is.-->

Method 3: Blocking through ADB (for power users)

If you need to completely disable APK installation at the system level, including ADB and recovery, you will need to use the adb shell command.This method is suitable for Xiaomi Redmi with an unlocked bootloader or for enterprise devices.

Warning: misuse of ADB can lead to data loss or device locking.We recommend backing up before executing commands.

Instructions:

  1. Install Platform Tools on PC (download from the official Android website).
  2. Turn on USB Debugging on your smartphone: Go to Settings β†’ About Phone β†’ Tap 7 times on MIUI to activate Developer Mode. Return to Settings β†’ Additional β†’ For Developers β†’ Turn on USB Debugging.
adb shell settings put global install_non_market_apps 0

This command disables the installation from unknown sources at the system level.

ADB

adb shell settings put global verifier_verify_adb_installs 1

To return the settings back, use:

adb shell settings put global install_non_market_apps 1


adb shell settings put global verifier_verify_adb_installs 0

⚠️ Note: Some Xiaomi models (e.g. Redmi) K50 or POCO F3) After these commands are executed, you may need to restart. If the device has stopped responding, reset via fastboot: fastboot reboot.

What if the ADB does not recognize the device?
If the adb device command doesn’t show your smartphone, follow the following steps: 1. Install Xiaomi drivers USB Drivers (download from official website). 2. Check if File Transfer is enabled (MTP) when connected USB. 3. Reboot your smartphone and PC. 4. Try another one USB-cable (preferably original from Xiaomi). 5. If the problem persists, activate the option in Developer Settings to Cancel Debugging Authorization USB And reconnect the device.

Method 4: Set up parental controls (for family use)

If you want to limit the installation of apps on a child’s or employee’s smartphone, use built-in parental controls in MIUI or third-party solutions like Google Family Link. This method does not block APK completely, but requires confirmation for each installation.

Configure via MIUI:

  1. Open Settings β†’ Parental Controls (in some versions – Digital Well-Being).
  2. Create. PIN-setting-code.
  3. Select a user profile (such as a child).
  4. Activate the option to limit the installation of applications and set limits on age or type of content.

Configure with Google Family Link:

  1. Install the Family Link app on your device and your child’s smartphone.
  2. Link accounts through an invitation.
  3. In the child's settings, turn on: πŸ”’ Application Installation Management (requires your confirmation for each installation). πŸ“΄ Restriction on Content Download (blocks access to unsafe sites).
MethodLevel of protectionDifficulty setting upSuitable for
MIUI settings⭐⭐⭐Basic protection
Google Play Protect⭐⭐⭐⭐Additional verification
ADB-team⭐⭐⭐⭐⭐⭐⭐⭐Full lockdown.
Parental control⭐⭐⭐⭐⭐Family use

Method 5: Removal of MIUI Package Installer (Extreme Method)

On some versions of MIUI (e.g. 12.5–14), the standard APK installer (com.miui.packageinstaller) can be disabled or removed, making installation from unknown sources impossible even through workarounds, which requires root rights or the use of ADB with an unlocked bootloader.

Instructions:

  1. Connect your smartphone to your PC and activate Debugging over USB (see Method 3).
  2. Run the command to disable the installer: adb shell pm disable-user --user 0 com.miui.packageinstaller
  3. For complete removal (requires root): adb shell su pm uninstall -k --user 0 com.miui.packageinstaller

⚠️ Attention: Removal MIUI Package Installer will make it impossible to install any APK, In order to return functionality, you will need to reflash the device or restore the file through fastboot.

adb shell pm enable com.miui.packageinstaller

After the work is completed, turn off the installer again.-->

Additional security measures for Xiaomi Redmi

Even after blocking the plant from unknown sources, there are risks of infection through other vectors, and we recommend that you follow the following steps for comprehensive protection:

  • πŸ” Disable the installation via the browser: In Chrome: Settings β†’ Site settings β†’ Downloads. β†’ Turn off, ask where to save files. MIUI Browser: Settings β†’ Confidentiality β†’ Turn off Autouploading files.
  • πŸ›‘οΈ Install antivirus: Recommended solutions: Kaspersky Mobile, Dr.Web Security Space, Bitdefender Mobile. Set up regular scanning and checking for virus database updates.
  • πŸ“΅ Limit Application Rights: In Settings β†’ Annexes β†’ Allows to disable Package Installation access for all applications except Google Play Store.
  • πŸ”„ Update. MIUI: Check for updates to Settings regularly β†’ The phone. β†’ System Update: Vulnerabilities in older firmware versions are often used to bypass restrictions.

πŸ’‘

The most reliable protection is a combination of methods: disable the installation through MIUI settings + activate Google Play Protect + use of antivirus, even if one layer of security is bypassed, the rest will prevent infection.

What to do if the virus is already installed

If you suspect that your Xiaomi Redmi has already installed malware, follow the following steps:

  1. Turn off the Internet: Transfer your smartphone to Flight Mode or turn off Mobile Data and Wi-Fi. This will prevent the transfer of data to intruders.
  2. Check the list of applications: Go to Settings β†’ Apps β†’ Application Management. Sort by installation date and remove suspicious programs.
  3. Run the scan: Use Google Play Protect or a third-party antivirus to look for threats.
  4. Reset settings (if the virus is not deleted): Reset to factory settings in Settings β†’ About Phone β†’ Reset. Before reset, save important data (photos, contacts) to an external drive or to the cloud.

If the virus has blocked access to the settings:

  • Reboot your smartphone in Safe Mode (hold the power button β†’ long tap on Turn off β†’ Safe Mode).
  • In safe mode, remove suspicious applications.

For complex cases (for example, ransomware) may require flashing through fastboot or EDL-Contact the Xiaomi service center if you are not sure about your actions.

FAQ: Frequent questions

Can I only ban APK installation for certain applications?
Yes, in the Install Unknown Applications settings (see Method 1), you can selectively disable permission for individual programs (e.g. Telegram or Chrome) leaving it for trusted ones (e.g. Files). ADB recovery.
Why can I still install APK after I turn off MIUI settings?
Probable reasons: You use MIUI version below 12 β€” old firmware locks are unstable. APK is installed via ADB or MIUI Package Installer to bypass restrictions. The device activates Developer Mode with USB Debugging resolution. Solution: use the ADB method or remove the installer.
How to check if the bootloader is unlocked on my Redmi?
Follow the steps: Turn off your smartphone. Press the Power button + Volume down to log into fastboot. Connect the device to your PC and execute the command: fastboot oem device-info If the output has a Device unlocked: true, the bootloader is unlocked. On bootloader unlocked devices, the risk of infection is higher, since malware can gain root rights.
Will the lock work after resetting the settings?
No, factory reset will return all security settings to their original state, including permission to install from unknown sources, and after reset, you must reconfigure the protection as instructed in this article.
Can I prevent APK installation at the router level?
Yes, but it requires you to set up a lock on APK downloads on the router. For example, in OpenWRT or DD-WRT firmware, you can create a rule to filter traffic by extension.apk. However, this method does not protect against: Installations via Bluetooth or USB-OTG. APK downloads under other extensions (for example,.zip or.rar). For full protection, combine network lock with smartphone settings.