Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware Found In the Firmware of 26 Low-Cost Android Models (bleepingcomputer.com)

Posted by msmash on from the security-woes dept.

An anonymous reader writes: Security researchers have found malware hidden in the firmware of several low-end Android smartphones and tablets, malware which is used to show ads and install unwanted apps on the devices of unsuspecting users. 26 Android device models have been found to be vulnerable. The common link between all these devices is that all are low-cost devices, mostly marketed in Russia, and which run on MediaTek chipsets.

According to security researchers from Dr.Web, a Russian antivirus vendor, the malware appears to have been added to the firmware by "dishonest outsourcers who took part in [the] creation of Android system images decided to make money on users." The security firm has informed MediaTek and the device vendors about this issue so the affected companies can inspect their distribution chain and find the possible culprits.

3 of 60 comments (clear)

  1. The list by fred6666 · · Score: 4, Informative

    These were cheaper than cheap. No well known brand such as Samsung or even cheaper brands such as Huawei, ZTE and Xiaomi.

            MegaFon Login 4 LTE
            Irbis TZ85
            Irbis TX97
            Irbis TZ43
            Bravis NB85
            Bravis NB105
            SUPRA M72KG
            SUPRA M729G
            SUPRA V2N10
            Pixus Touch 7.85 3G
            Itell K3300
            General Satellite GS700
            Digma Plane 9.7 3G
            Nomi C07000
            Prestigio MultiPad Wize 3021 3G
            Prestigio MultiPad PMT5001 3G
            Optima 10.1 3G TT1040MG
            Marshal ME-711
            7 MID
            Explay Imperium 8
            Perfeo 9032_3G
            Ritmix RMD-1121
            Oysters T72HM 3G
            Irbis tz70
            Irbis tz56
            Jeka JK103

  2. Re:Google by The-Ixian · · Score: 2, Informative

    Google needs to get a grip on Android, somehow

    They have, it's called a Pixel.

    If you buy an AOSP or Android device from any other manufacturer, your relationship is with that manufacturer, not with Google.

    Google just makes the OS that runs on the hardware.

    --
    My eyes reflect the stars and a smile lights up my face.
  3. It most CERTAINLY IS Mediatek! by emil · · Score: 5, Informative

    They were caught red handed.

    When Google had previously updated its systems to check for ADUPS, MediaTek (they make the chipset in millions of low-end phones) simply modified their system software to evade Google’s checks. Nice one MediaTek!

    DO NOT BUY EQUIPMENT WITH MEDIATEK CPUS!