Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware Found In the Firmware of 26 Low-Cost Android Models (bleepingcomputer.com)

Posted by msmash on from the security-woes dept.

An anonymous reader writes: Security researchers have found malware hidden in the firmware of several low-end Android smartphones and tablets, malware which is used to show ads and install unwanted apps on the devices of unsuspecting users. 26 Android device models have been found to be vulnerable. The common link between all these devices is that all are low-cost devices, mostly marketed in Russia, and which run on MediaTek chipsets.

According to security researchers from Dr.Web, a Russian antivirus vendor, the malware appears to have been added to the firmware by "dishonest outsourcers who took part in [the] creation of Android system images decided to make money on users." The security firm has informed MediaTek and the device vendors about this issue so the affected companies can inspect their distribution chain and find the possible culprits.

5 of 60 comments (clear)

  1. The list by fred6666 · · Score: 4, Informative

    These were cheaper than cheap. No well known brand such as Samsung or even cheaper brands such as Huawei, ZTE and Xiaomi.

            MegaFon Login 4 LTE
            Irbis TZ85
            Irbis TX97
            Irbis TZ43
            Bravis NB85
            Bravis NB105
            SUPRA M72KG
            SUPRA M729G
            SUPRA V2N10
            Pixus Touch 7.85 3G
            Itell K3300
            General Satellite GS700
            Digma Plane 9.7 3G
            Nomi C07000
            Prestigio MultiPad Wize 3021 3G
            Prestigio MultiPad PMT5001 3G
            Optima 10.1 3G TT1040MG
            Marshal ME-711
            7 MID
            Explay Imperium 8
            Perfeo 9032_3G
            Ritmix RMD-1121
            Oysters T72HM 3G
            Irbis tz70
            Irbis tz56
            Jeka JK103

  2. Mediatek, WHAT IS YOUR PROBLEM?! by emil · · Score: 3, Insightful

    Why is Mediatek installing malware to extract and send the owner's data to China?

    I just bought the latest BN Nooks as Christmas gifts. Now I have to tell EVERYONE who receives these gifts to use burner accounts, no credit cards, no sensitive gmail.

    None of these companies can be trusted.

  3. Kill the market for this crud by anthony_greer · · Score: 4, Interesting

    Google needs to start working with vendors in the markets that use these lower end phones to make secure and reliable hardware. If there are a couple vendors making reliable phones for the ultra low end, with Googles official support and endorsement, it could go a long way in killing the market for these sorts of devices and win them a lot of favor in places where they might not be so highly regarded.

  4. Re:So what? by cmiller173 · · Score: 4, Insightful

    I know what I get in exchange for trading my information with Google and I know how to secure my communications when necessary for sensitive information Google and I both benefit from the relationship. When a third party gets their malware on a phone (hasn't happened to me) the user of that device has not made an informed decision to make that trade and rarely benefits from it.

  5. It most CERTAINLY IS Mediatek! by emil · · Score: 5, Informative

    They were caught red handed.

    When Google had previously updated its systems to check for ADUPS, MediaTek (they make the chipset in millions of low-end phones) simply modified their system software to evade Google’s checks. Nice one MediaTek!

    DO NOT BUY EQUIPMENT WITH MEDIATEK CPUS!