December 22, 2024 11:43 AM

Malware Infects 38 Android Phones Out Of The Box Including Information Stealers

A cyber security firm has found that 38 Android smartphones and tablets have malware preinstalled on them, even before owners open the box and turn their phones on. The initial list of devices include the beloved "Nexus 5" and "Nexus 5x," but the blog has been updated and without explanation, these phones were removed from the list.

The issue affects even very popular smartphone names like Samsung and LG. According to Independent, Check Point Software Technologies detected a "severe infection" on these devices that two of its corporate clients - a telecommunications firm and a multinational technology company - have used, but these two companies have not been named.

The malicious apps were not part of the official ROM firmware supplied by the device manufacturer but were added later somewhere along the supply chain, and in six of the cases, malware was installed to the ROM using system privileges. This needs the firmware to be reinstalled completely in order for the device to be disinfected.

The malware found in the devices like "Galaxy Note 2" and "Asus Zenfone 2" are fairly well known. "Loki" is a malicious advertising bot, while "Slocker" uses the Tor network to send data back to its creator without detection. Ransomware allows hackers to lock a user out from the device with a promise to restore full functionality after money has been paid. "Slocker" is a ransomware.

Users who have received a device with malware will not be able to notice any changes in the device's activity, which apparently is something that would concern users. Most of the malware discovered were information stealers, and in order for users to protect themselves, they can download and run a malware scanner as soon as you use the phone. The complete list of devices can be found here. It should be noted that not all models are infected.

Join the Discussion
Real Time Analytics