Malware infecting Androids somewhere in the supply chain
Smartphones from Samsung, LG, Xiaomi, ZTE, Oppo, Vivo, Asus and Lenovo have been spotted sporting malware they apparently carried when they were shipped.
The malware discovered by Check Point Software Technologies included info-stealers, ransomware like Slocker; Loki, which shows “illegitimate advertisements” to generate revenue while stealing device information; and information stealers.
Check Point says it found infections in 38 Android devices. Since the malware wasn’t in the vendor’s ROM, the company’s researcher Oren Koriat reckons they were added in the supply chain between vendor and customer.
Koriat’s post doesn’t identify the victims beyond saying two companies owned the devices: one large telecommunications company, and one international IT company.
The malicious package names and devices they were spotted on are listed below. Since they were added after manufacture, vendors aren’t to blame.
“Six of the malware instances were added by a malicious actor to the device’s ROM using system privileges, meaning they couldn’t be removed by the user and the device had to be re-flashed”, Koriat writes. ®
Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/03/12/malware_infecting_androids_somewhere_in_the_supply_chain/