Slashdot Mirror


Malware Found In the Firmware of 26 Low-Cost Android Models (bleepingcomputer.com)

An anonymous reader writes: Security researchers have found malware hidden in the firmware of several low-end Android smartphones and tablets, malware which is used to show ads and install unwanted apps on the devices of unsuspecting users. 26 Android device models have been found to be vulnerable. The common link between all these devices is that all are low-cost devices, mostly marketed in Russia, and which run on MediaTek chipsets.

According to security researchers from Dr.Web, a Russian antivirus vendor, the malware appears to have been added to the firmware by "dishonest outsourcers who took part in [the] creation of Android system images decided to make money on users." The security firm has informed MediaTek and the device vendors about this issue so the affected companies can inspect their distribution chain and find the possible culprits.


  1. The list by fred6666 · · Score: 4, Informative

    These were cheaper than cheap. No well-known brand such as Samsung or even cheaper brands such as Huawei, ZTE and Xiaomi.

            MegaFon Login 4 LTE
            Irbis TZ85
            Irbis TX97
            Irbis TZ43
            Bravis NB85
            Bravis NB105
            SUPRA M72KG
            SUPRA M729G
            SUPRA V2N10
            Pixus Touch 7.85 3G
            Itell K3300
            General Satellite GS700
            Digma Plane 9.7 3G
            Nomi C07000
            Prestigio MultiPad Wize 3021 3G
            Prestigio MultiPad PMT5001 3G
            Optima 10.1 3G TT1040MG
            Marshal ME-711
            7 MID
            Explay Imperium 8
            Perfeo 9032_3G
            Ritmix RMD-1121
            Oysters T72HM 3G
            Irbis tz70
            Irbis tz56
            Jeka JK103

  2. Mediatek, WHAT IS YOUR PROBLEM?! by emil · · Score: 3, Insightful

    Why is Mediatek installing malware to extract and send the owner's data to China?

    I just bought the latest BN Nooks as Christmas gifts. Now I have to tell EVERYONE who receives these gifts to use burner accounts, no credit cards, no sensitive gmail.

    None of these companies can be trusted.

  3. Google by 110010001000 · · Score: 2, Insightful

    Google needs to get a grip on Android, somehow. They are ultimately responsible for this mess. Stop fucking around with self-driving cars and do your job.

    1. Re:Google by The-Ixian · · Score: 2, Informative

      Google needs to get a grip on Android, somehow

      They have, it's called a Pixel.

      If you buy an AOSP or Android device from any other manufacturer, your relationship is with that manufacturer, not with Google.

      Google just makes the OS that runs on the hardware.

      --
      My eyes reflect the stars and a smile lights up my face.
  4. Kill the market for this crud by anthony_greer · · Score: 4, Interesting

    Google needs to start working with vendors in the markets that use these lower end phones to make secure and reliable hardware. If there are a couple vendors making reliable phones for the ultra low end, with Google's official support and endorsement, it could go a long way in killing the market for these sorts of devices and win them a lot of favor in places where they might not be so highly regarded.

  5. Androids with malware by TrixX · · Score: 2

    For a second I read the "Android" in the headline as talking of a humanoid robot instead of the smartphone OS, and it was a really good base for a sci-fi story.

  6. Re:So what? by cmiller173 · · Score: 4, Insightful

    I know what I get in exchange for trading my information with Google and I know how to secure my communications when necessary for sensitive information. Google and I both benefit from the relationship. When a third party gets their malware on a phone (hasn't happened to me) the user of that device has not made an informed decision to make that trade and rarely benefits from it.

  7. It most CERTAINLY IS Mediatek! by emil · · Score: 5, Informative

    They were caught red-handed.

    When Google had previously updated its systems to check for ADUPS, MediaTek (they make the chipset in millions of low-end phones) simply modified their system software to evade Google’s checks. Nice one MediaTek!

    DO NOT BUY EQUIPMENT WITH MEDIATEK CPUS!

  8. Device makers to try to find the culprits by Streetlight · · Score: 2

    Quote from OP: "The security firm has informed MediaTek and the device vendors about this issue so the affected companies can inspect their distribution chain and find the possible culprits."

    How about updating the OS in these cheap phones, even the ones already sold, with an uninfected OS? Why waste time looking for the miscreants, who may be well hidden? Just fix the OS.

    --
    In a time of universal deceit, telling the truth is a revolutionary act. George Orwell
  9. Re:Why do people bother with "low-end"? by AvitarX · · Score: 2

    Like what?

    I got a BLU studio energy 2 a year or so back (just under a year). It is a pretty decent phone, slows down and hangs periodically requiring reboots (twice daily maybe if I run pokemon, otherwise about every other day), and incoming calls fuck it all up (takes about 15 seconds before it's responsive enough to answer, a slight nuisance once a week or so), but it has an honest 2 days of battery heavy use, I've never run it dead in 24 hours, with screen on times of 8+ hours leaving me ample battery still.

    Phone + Sim + Memory card = $150

    I look now and see maybe a moto G4 play (wasn't out yet) or a moto Z play (much more expensive, and bigger) as the only two maybe competitive now nearly a year later,

    --
    Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
  10. Re:Preloaded crap? by Obfuscant · · Score: 2

    all the shit that vendors load that spy on you all the time?

    Vendors? You mean like Google?

    Right now I see "GoogleLocationManager", "ContextManagerService", "GoogleLocationService", and "GcmService" all running on my tablet. This is with "Location Service" turned off and after I've explicitly stopped the Google Play Services app, on a device that is in airplane mode and not been used for any app that needs location. (And my phone, which is a later version of Android, doesn't let me stop Google Play Services at all.)

    That ignores the google analytics service that shows up when the device actually is connected to the net, so that google can monitor web accesses for me.

  11. Low end market by XSportSeeker · · Score: 2

    It's probably the case for generic low end devices here in Brazil too, and probably most other countries.
    Bought one of those earlier this year, something like 50 bucks for a quadcore tablet that performed pretty decently.
    If you try to root it, the whole thing factory resets itself after power down.

    It has several suspicious things pre-installed into it, and they'll always be back no matter which way you try to uninstall or delete them.
    Some apps are simply shovelware, but there's plenty of stuff that apparently had no purpose there.

    Crapshoot. I wanted a tablet to read some comics and do some of the basics, and also to experiment on rooting and making a device secure... ended up in the trash, going for a reputable brand instead.