The Controversial Truth

ANDROID DEVICES INFECTED WITH MALWARE PREINSTALLED IN SUPPLY CHAIN

3/18/2017

Mobile devices manufactured by a diverse set of handset makers were discovered to be loaded with malware pre-installed somewhere along the supply chain. Check Point Software Technologies said that it found 38 Android handsets were infected with adware, information-stealing malware and ransomware, a collection of malicious code as sundry as the number of different manufacturers.

Researcher Daniel Padon said the 38 handsets belonged to Check Point customers who work for either an unidentified large telecommunications company, or multinational technology company. Padon would not identify the two companies, nor whether they were from the same country or region of the world.

The malware was added to the devices before they were in the users’ hands, and was not part of the vendor’s original ROM. For six of the devices, the attacker had system privileges for the device and the malware could not be removed without re-flashing the phone.

“We were surprised by such a number of different models; that seems strange to us,” Padon said. “When you have a large range of devices, it raises questions about how they chose to attack them and why so many different devices were infected.”

Padon speculated that the devices could have been tampered with at a retail location, and the phones were sold to the two companies. All 38 devices have been remediated through Check Point’s products, and Padon said that there are likely more devices in the wild that were similarly infected.

Padon said Check Point’s analysis determined when the original ROM was installed, and then weeks, months, or in one case, a year later, the malware was added to the ROM before the user activated it.
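
A fleet check along the lines of the two signals described above (apps outside the vendor's original ROM, and files that postdate the ROM) can be sketched as follows. This is an added example, not Check Point's tooling or method; it assumes the text output of `pm list packages -f` has been collected from the device, and the baseline set, package names, paths, modification times and ROM build date are all constructed for illustration.

```python
from datetime import datetime, timezone

# Read-only partitions that hold the factory ROM's apps.
SYSTEM_PREFIXES = ("/system/", "/vendor/", "/product/", "/oem/")

def parse_pm_list(text):
    """Parse `pm list packages -f` lines of the form package:<apk path>=<name>."""
    pkgs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("package:") or "=" not in line:
            continue
        # Split on the last '=': newer Android paths under /data/app contain '='.
        path, _, name = line[len("package:"):].rpartition("=")
        pkgs[name] = path
    return pkgs

def audit(pm_output, baseline, apk_mtimes, rom_build_utc, slack_days=1):
    """Return (package, path, reasons) for system-partition apps that look added later."""
    findings = []
    for name, path in sorted(parse_pm_list(pm_output).items()):
        if not path.startswith(SYSTEM_PREFIXES):
            continue  # user-installed app, out of scope for a ROM check
        reasons = []
        if name not in baseline:
            reasons.append("not in vendor baseline")
        mtime = apk_mtimes.get(path)
        if mtime is not None and mtime > rom_build_utc + slack_days * 86400:
            reasons.append("APK modified after ROM build")
        if reasons:
            findings.append((name, path, reasons))
    return findings

# Constructed sample data (hypothetical package names, paths and dates).
ROM_BUILD = int(datetime(2016, 6, 1, tzinfo=timezone.utc).timestamp())
DAY = 86400
PM_OUTPUT = """\
package:/system/app/Calculator/Calculator.apk=com.example.calculator
package:/system/priv-app/SysUpdate/SysUpdate.apk=com.example.sysupdate
package:/system/app/Launcher/Launcher.apk=com.example.launcher
package:/data/app/~~Qx==/com.example.chat-1==/base.apk=com.example.chat
"""
BASELINE = {"com.example.calculator", "com.example.launcher"}
MTIMES = {
    "/system/app/Calculator/Calculator.apk": ROM_BUILD,
    "/system/priv-app/SysUpdate/SysUpdate.apk": ROM_BUILD + 90 * DAY,
    "/system/app/Launcher/Launcher.apk": ROM_BUILD + 200 * DAY,
}

if __name__ == "__main__":
    for name, path, reasons in audit(PM_OUTPUT, BASELINE, MTIMES, ROM_BUILD):
        print(f"{name}  {path}  -> {', '.join(reasons)}")
```

Legitimate over-the-air updates also change system files after the ROM build date, so a hit on the timestamp signal alone needs triage against the vendor's update history.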

“This raises the question of the intent of the attack,” Padon said. “We would have expected one type of malware infecting one type of device. Since we found different malware, it could be someone experimenting, or separate events that are not connected; it’s all speculation at this point.”

Check Point said it found six devices infected with the Loki Trojan, a malicious ad network that’s been in circulation for more than a year. Loki can display ads to generate revenue, has mechanisms to maintain persistence, and it can intercept communication and exfiltrate data from an Android device. They also found devices infected with Slocker mobile ransomware, which encrypts files on the device and uses the Tor network for command and control communication.

“The main issue is the potential risk in such attacks is not something to be taken lightly because the grants such extensive capabilities,” Padon said. “If an attacker has the device before it is returned to the supply chain, this opens any company or user to be infected with malware even if they’ve never clicked on a suspicious link, opened an attachment in an email or downloaded a phishing app.”

Check Point published a list of malware names, hashes and infected device types, which include:
  • Samsung Galaxy Note 2
  • Samsung Galaxy Note 3
  • Samsung Galaxy Note 4
  • Samsung Galaxy Note 5
  • Samsung Galaxy Note 8
  • Samsung Galaxy Note Edge
  • Samsung Galaxy S4
  • Samsung Galaxy S7
  • Samsung Galaxy A5
  • Samsung Galaxy Tab S2
  • Samsung Galaxy Tab 2
  • LG G4
  • Xiaomi Mi 4i
  • ZTE x500
  • Oppo N3
  • Vivo X6 plus
  • 5 Asus Zenfone 2
  • Lenovo S90
  • Oppo R7 plus
  • Xiaomi Redmi
  • Lenovo A850

Padon said this is the first time Check Point has investigated such an interdiction of the mobile supply chain. Last November, researchers at Kryptowire disclosed that phones manufactured by ADUPS Technology Co., of Shanghai, China, were using an over-the-air update system shipped with BLU Products R1 HD phones to monitor users without permission.

This article was updated March 17 to update the list of affected devices, removing Nexus devices from the list.
Republished from Threat Post, written by Michael Mimoso