Monday, December 11, 2017
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
LG Tests LTE-based Safety Technology for Connected, Self-driving Cars
Apple Said To Buy Shazam
Intel Uses Cobalt Interconnect for 10nm, Global Foundries Detail EUV Lithography for 7nm
LG Display Starts OLED Light Panel Production
Toshiba Moving Closer to Deal With Western Digital
YouTube Said to Launch Music Subscription Service
NVIDIA Says New TITAN V GPUs Transform the PC into AI Supercomputer
Toshiba Launches First 14TB HDD with Conventional Magnetic Recording
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > Mobiles > Preinst...
Last 7 Days News : SU MO TU WE TH FR SA All News

Saturday, March 11, 2017
Preinstalled Malware May Be Targeting Your Android Phone


Security firm Check Point has recently detected a severe infection in 38 Android devices, belonging to a large telecommunications company and a multinational technology company. Interestingly, the malware was pre-installed.



According to the findings, the malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain. Six of the malware instances were added by a malicious actor to the device's ROM using system privileges, meaning they couldn't be removed by the user and the device had to be re-flashed, Check Point said.

Most of the malware found to be pre-installed on the devices were info-stealers and rough ad networks, and one of them was Slocker, a mobile ransomware. Slocker uses the AES encryption algorithm to encrypt all files on the device and demand ransom in return for their decryption key. Slocker uses Tor for its C&C communications.

Among the "pre-infected" smarphones are the following:

  • LG G4
  • Galaxy S4
  • Galaxy S7
  • Galaxy Note 2
  • Galaxy Note 3
  • Galaxy Note 4
  • Galaxy Note 8
  • Galaxy Note 2
  • Galaxy Note Edge
  • Galaxy A5
  • Galaxy Tab S2
  • Galaxy Tab 2
  • Xiaomi Mi 4i
  • Xiaomi Redmi
  • ZTE x500
  • Nexus 5
  • Nexus 5X
  • Oppo N3
  • OppoR7 plus
  • vivo X6 plus
  • Asus Zenfone 2
  • LenovoS90
  • Lenovo A850

The most notable rough adnet which targeted the devices is the Loki Malware. This complex malware operates by using several different components; each has its own functionality and role in achieving the malware's malicious goal. The malware displays illegitimate advertisements to generate revenue. As part of its operation, the malware steals data about the device and installs itself to system, allowing it to take full control of the device and achieve persistency.

As a general rule, users should avoid risky websites and download apps only from official and trusted app stores. However, following these guidelines is not enough to ensure their security. Pre-installed malware compromise the security even of the most careful users. In addition, a user who receives a device already containing malware will not be able to notice any change in the device's activity which often occur once a malware is installed.

The discovery of the pre-installed malware raises alarming issues regarding mobile security. Users could receive devices which contain backdoors or are rooted without their knowledge.



Previous
Next
Samsung Starts Teasing With Galaxy S8 TV Ad As LG G6 's Sales Take Off        All News        Intel Security releases EFI rootkit checker Following WikiLeaks Reports
Samsung Starts Teasing With Galaxy S8 TV Ad As LG G6 's Sales Take Off     Mobiles News      Finger Heat Traces Could Expose Your Smartphone's PIN

Get RSS feed Easy Print E-Mail this Message

Related News
Cloak and Dagger Security Hole in Android Discovered
Researchers Say 1 Million Google Accounts Breached by "Gooligan"
Android Devices Vulnerable To Physical RAM Attack
Millions Of Android Devices Infected With Chinese Malware
'GODLESS' Android Mobile Malware Uses Multiple Exploits to Root Devices
Fraunhofer SIT Finds Vulnerabilities in Android Security Apps
Android Ransomware Can Change Your Mobile's PIN Code

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2017 - All rights reserved -
Privacy policy - Contact Us .