14 DAY TRIAL // Somewhere in the supply chain of some Android phones that reached two companies, there was a weak link which allowed 38 devices to become infected with malware.
According to Check Point Software Technologies, several malware types were found on 38 Android devices that landed on the doorstep of two unidentified companies. The malicious apps weren't part of the official ROM firmware supplied by phone manufacturers but were added later, somewhere along the supply chain.
Researchers say that in six of the cases, malware was present installed to the ROM using system privileges. All these devices had to go through a complete install of the firmware in order for the malware to be removed.
While details were not given about the full extent of the attack, it seems that most malicious apps were trying to steal people's information, while also trying to get them to tap on various ads.
"Loki" malware was found on the devices, a malicious program looking to gain system privileges, while ransomware "Slocker" was discovered on others, using the TOR network to hide the identity of the operators.
A wide range of attacked devices
As mentioned, there were 38 devices affected, and while they all operate with Android, they're not the same. The list of infected devices includes Galaxy Note 2, LG G4, Galaxy S7, Galaxy Note 4, Galaxy Note 5, Galaxy Note 8, Galaxy A5, Xiaomi Mi 4i, ZTE x500, Galaxy Note 3, Galaxy Note Edge, Galaxy Tab S2, Galaxy Tab 2, Oppo N3, Asus Zenfone 2, viva X6 plus, Lenovo S90, Oppo R7 plus, Xiaomi Redmi, and Lenovo A850.
This isn't the first time such an attack has taken place. Several times in the past few years, Android phones have been shipped preinstalled with some of these nasty apps trying to gain control over people's phones and data.
Researchers at Check Point refuse to say whether this was a targeted attack on the two companies, but at this point, it doesn't seem unlikely. It would be interesting to know who supplied the phones to the unnamed companies.
This goes on to reinforce the fact that it may not be a bad idea to run a malware check before you even start using your phone and installing any of the apps you regularly use.