Android Found to Have Malware Preinstalled on Dozens of Smart Phones

  • 27 March 2017
  • Administrator




According to Linux Insider - dozens of new Android Phones are found to have malware pre-installed. Malware has been discovered pre-installed on 36 Android phones belonging to two companies, security software maker Check Point reported. "In all instances, the malware was not downloaded to the device as a result of the users' use -- it arrived with it," noted Oren Koriat, a member of Check Point's Mobile Research Team. The malicious apps on the phones of a telecommunications company and a multinational technology business were not part of the official ROM supplied by the vendor, he explained. They were added somewhere along the supply chain. Six of the malware instances were added by a malicious actor to the device's ROM using system privileges, meaning they couldn't be removed by the user and the device had to be re-flashed, Koriat added. Most of the preinstalled malware consisted of information stealers and rough ad networks, he said. Included in the malicious software array was Slocker, a mobile ransomware program that encrypts all the information on a device and demands a payment to decrypt it.Loki malware also was part of the mix. It not only generates revenue by displaying bogus ads, but also steals data about a device and can take control of it.

Consumers Helpless

Supply chain attacks like the one discovered by Check Point pose a serious problem to any consumer who receives such a phone. "In a scenario like this, the only method to protect yourself from this threat would be to scan the phone right out of the box," said Troy Gill, a senior security analyst with AppRiver. "Of course, this is a fairly disturbing proposition," he told LinuxInsider, "but unfortunately the only solution in this case." Consumers are at the mercy of manufacturers in a case like this, said Michael Patterson, CEO of Plixer International. "There is an expectation of trust, which in this case was broken," he told LinuxInsider. "Given this situation where malware was installed as part of the supply chain, the only way for consumers to be protected is for manufacturers to begin to do a final quality assurance test of products before they are shipped to the consumer," Patterson suggested.

Read the complete article at Linux Insider.