Malware Found In the Firmware of 26 Low-Cost Android Models

An anonymous reader writes: Security researchers have found malware hidden in the firmware of several low-end Android smartphones and tablets, malware which is used to show ads and install unwanted apps on the devices of unsuspecting users. 26 Android device models have been found to be vulnerable. The common link between all these devices is that all are low-cost devices, mostly marketed in Russia, and which run on MediaTek chipsets.

According to security researchers from Dr.Web, a Russian antivirus vendor, the malware appears to have been added to the firmware by "dishonest outsourcers who took part in [the] creation of Android system images decided to make money on users." The security firm has informed MediaTek and the device vendors about this issue so the affected companies can inspect their distribution chain and find the possible culprits.

Mediatek, WHAT IS YOUR PROBLEM?!

[emil]

Why is Mediatek installing malware to extract and send the owner's data to China?

I just bought the latest BN Nooks as Christmas gifts. Now I have to tell EVERYONE who receives these gifts to use burner accounts, no credit cards, no sensitive gmail.

None of these companies can be trusted.

Google

[110010001000]

Google needs to get a grip on Android, somehow. They are ultimately responsible for this mess. Stop fucking around with self-driving cars and do your job.

Re:So what?

[cmiller173]

I know what I get in exchange for trading my information with Google and I know how to secure my communications when necessary for sensitive information Google and I both benefit from the relationship. When a third party gets their malware on a phone (hasn't happened to me) the user of that device has not made an informed decision to make that trade and rarely benefits from it.