Slashdot Mirror


Malware Found Preinstalled On 38 Android Phones Used By 2 Companies (arstechnica.com)

An anonymous reader quotes a report from Ars Technica: An assortment of malware was found on 38 Android devices belonging to two unidentified companies. This is according to a blog post published Friday by Check Point Software Technologies, maker of a mobile threat prevention app. The malicious apps weren't part of the official ROM firmware supplied by the phone manufacturers but were added later somewhere along the supply chain. In six of the cases, the malware was installed to the ROM using system privileges, a technique that requires the firmware to be completely reinstalled for the phone to be disinfected. Most of the malicious apps were info stealers and programs that displayed ads on the phones. One malicious ad-display app, dubbed "Loki," gains powerful system privileges on the devices it infects. Another app was a mobile ransomware title known as "Slocker," which uses Tor to conceal the identity of its operators. Check Point didn't disclose the names of the companies that owned the infected phones. Padon said it's not clear if the two companies were specifically targeted or if the infections were part of a broader, more opportunistic campaign. The presence of ransomware and other easy-to-detect malware seems to suggest the latter. Check Point also doesn't know where the infected phones were obtained. One of the affected parties was a "large telecommunications company" and the other was a "multinational technology company."

3 of 54 comments

  1. [yawn] This is old hat. by weedjams · Score: 5, Interesting

    Buying devices, opening them up and altering them, then returning them to the store has been popular for decades. It's called 'pre-p0wnd'.

    1. Re:[yawn] This is old hat. by demonlapin · Score: 1, Interesting

      Yeah, wipe-and-reinstall (while connected to a guest network) is a necessity with preowned/open box items.

  2. Re: Marketing Article by Anonymous Coward · Score: 2, Interesting

    Perhaps Breitbart will pretend it's the CIA? I'm reminded of the recent Breitbart news, "CIA uses stolen malware to attribute cyber attacks to nations like Russia"...

    Although Occam's Razor suggests this is more to do with the investigation of Roger Stone of Breitbart, who apparently was coordinating propaganda with Russian government hacker Guccifer 2.0 during the election.

    Watch him on RT, Russian propaganda TV. Party before country. Traitors who'd sell out America for power.
    https://www.youtube.com/watch?v=sjMUyPwe38E

    So let's see if Breitbart spins this into an anti-CIA, anti-America thing.