Android devices have remained the center of attraction for malicious cyber criminals since forever. Not only do they churn out fake, infected apps one after another but also devise ways to exploit Android devices. The reason is quite evident; since Android devices are among the most commonly preferred mobile phone choices, therefore, cyber-criminals attack them often to claim a higher number of victims.
The latest news regarding Android devices is that various types of pre-installed malware were identified by two tech firms who received a consignment of their ordered android phones. All in all, 36 devices were already infected with malware. The presence of malware on these 36 Android phones was discovered by Check Point Software Technologies while the names of the tech firms that received these devices haven’t yet been disclosed.
The names of the devices have, however, been shared by the research team. These include:
Lenovo S90, Oppo R7 Plus, Xiaomi Redmi, Galaxy Note 2, LG G4, Galaxy S7, Galaxy Note 4, Galaxy Note 5, Galaxy Note 8.0, Galaxy A5, Lenovo A850, Xiaomi Mi 4i, ZTE x500, Galaxy Note 3, Galaxy Note Edge, Galaxy Tab 2, Oppo N3, Asus Zenfone 2, viva X6 Plus and Galaxy Tab S2.
It has been noted that the malware was hidden in certain apps that were not the part of the official ROM firmware. The manufacturers of Android phones usually provide the official ROM firmware. However, in this case, the infected apps were installed later on by someone who probably was part of the distribution network. According to reports, Loki malware was installed on some of these devices whereas Slocker ransomware was present on the other devices.
In 6 out of the shortlisted 36 devices, the infection was installed to the ROM through utilizing system privileges. The exact extent of the attack is not yet known since the research team has shared very few details at Check Point Software. Apparently, the reason behind the installation of malicious, infected apps was to obtain private information of the mobile users and to display customized ads.
In must be noted that this is not the first time when researchers have discovered pre-installed malware in Android devices. Since 2015, there have been a number of such cases including Android tablets on Amazon store and Chinese brands such as Xiaomi, Huawei, Lenovo, DJC, Xido, Alps, Sesonn and Concorde were shipped with pre-installed malware.
To remove the malicious apps, the phones will need full re-installation of the ROM firmware.
Source: Checkpoint
DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.
