1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Preinstalled Malware Found on 38 Android Devices Delivered to Two Companies

Discussion in 'Mobile Phones & Devices' started by starbuck, Mar 13, 2017.

  1. starbuck

    starbuck Administrator - Malware Removal Specialist Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,825
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    The phones came with malware, ransomware, adware installed

    7cacc795a3e4297457e1700e26a474d3.jpg

    Somewhere in the supply chain of some Android phones that reached two companies, there was a weak link which allowed 38 devices to become infected with malware.

    According to Check Point Software Technologies, several malware types were found on 38 Android devices that landed on the doorstep of two unidentified companies.
    The malicious apps weren't part of the official ROM firmware supplied by phone manufacturers but were added later, somewhere along the supply chain.

    Researchers say that in six of the cases, malware was present installed to the ROM using system privileges.
    All these devices had to go through a complete install of the firmware in order for the malware to be removed.

    While details were not given about the full extent of the attack, it seems that most malicious apps were trying to steal people's information, while also trying to get them to tap on various ads.

    "Loki" malware was found on the devices, a malicious program looking to gain system privileges, while ransomware "Slocker" was discovered on others, using the Tor network to hide the identity of the operators.

    A wide range of attacked devices

    As mentioned, there were 38 devices affected, and while they all operate with Android, they're not the same.
    The infected devices list includes Galaxy Note 2, LG G4, Galaxy S7, Galaxy Note 4, Galaxy Note 5, Galaxy Note 8, Galaxy A5, Xiaomi Mi 4i, ZTE x500, Galaxy Note 3, Galaxy Note Edge, Galaxy Tab S2, Galaxy Tab 2, Oppo N3, Asus Zenfone 2, viva X6 plus, Lenovo S90, Oppo R7 plus, Xiaomi Redmi and Lenovo A850.

    This isn't the first time such an attack has taken place.
    Several times in the past few years, Android phones have been shipped preinstalled with some of these nasty apps trying to gain control over people's phones and data.

    Researchers at Check Point refuse to say whether this was a targeted attack on the two companies, but at this point, it doesn't seem unlikely.
    It would be interesting to know who supplied the phones to the unnamed companies.

    This goes on to reinforce the idea that it may not be a bad idea to run a malware check before you even start using your phone and installing any of the apps you regularly use.


    Source:
    http://news.softpedia.com/news/prei...vices-delivered-to-two-companies-513853.shtml
     
    Last edited: Mar 13, 2017
    starbuck, Mar 13, 2017
    #1

Share This Page