Pre-loaded malware found on smartphones
Posted by: Jon Ben-Mayor on 12/06/2014 07:45 AM
Researchers have discovered what has been determined to be Chinese malware pre-loaded onto several bargain smartphones being sold in Asian and African countries. The fact that it's pre-loaded ensures that it cannot be uninstalled by the end user or by antimalware software.
The trojan, known as DeathRing, masquerades as a ringtone app but can instead download SMS and WAP content from its command and control server to the victim’s phone. It can then use this content for malicious means.
The malware is activated in two ways — both dependent on the victim’s use of the phone. First, the malware will activate if the phone is powered down and rebooted five times. On the fifth reboot, the malware starts.
Second, the malicious service will start after the victim has been away and present at the device at least fifty times.
Affected phones:
Counterfeit Samsung GS4/Note II
A variety of TECNO devices
Gionee Gpad G1
Gionee GN708W
Gionee GN800
Polytron Rocket S2350
Hi-Tech Amaze Tab
Karbonn TA-FONE A34/A37
Jiayu G4S – Galaxy S4 clones
Haier H7
An i9502+ Samsung clone by an unspecified manufacturer
There is no indication of where in the supply chain the malware was introduced, but Lookout notes that it was loaded in the system directory of the devices.
Source: Lookout