21 August 2019

Google confirms some android smartphones had pre-installed

Home page Technology
12 Punto 14 Punto 16 Punto 18 Punto

The malware was detected three years ago but was later found to have evolved. Hackers began to embed it in the firmware of low-priced Android smartphones, which were primarily sold in China. reports citing Sputnik.

Google has confirmed that some Android devices had come with pre-installed backdoors right out of the box.

As first reported by the Russia-based cybersecurity provider Kaspersky Lab back in 2016, the malware, called Triada, was initially a Trojan that would obtain root privileges and display intrusive ads on a user's phone.

Google virus analysts managed to wipe it out from all Android devices, but in the summer of 2017 it became clear that Triada had evolved from a rooting Trojan into a pre-installed Android framework backdoor.

The new, more elusive and sophisticated iteration of the virus was embedded into the source code of the system library on Android phones, according to Russian anti-malware company Doctor Web.

It became more dangerous as well, capable of "smuggling" various Trojan modules into the processes of any application; they could steal personal data from bank applications, or intercept correspondence on social media.

Given that the new Trojan was now installed deep in the system section, it became impossible to remove it with special apps and the only way to get rid of it was to erase the phone and install clean firmware.

But how did it get to Android devices in the first place? According to Lukasz Siewierski from the Android security and privacy team, Triada was pre-installed during the production process.

He assumed that a vendor using the name Yehuo or Blazefire, which provided additional features to the original manufacturer, had been supplying an infected Android application.

2019.06.10 / 23:56
See also

Alibaba postpones up to $15 billion Hong Kong listing

UK mobile provider activates 5G service using Huawei router

Hackers attack Russian UK embassy’s website

Nigerian teenage girls win $50,000 in Silicon Valley

Twitter and Facebook remove Chinese accounts

Iran launches employment data system

Trump does not want to do business with Huawei

'Fake' Amazon ambassadors baited on Twitter

Soyuz-2.1a rocket will be launch on Aug 19

AI-empowered sexbots 'replace human intimacy'

Xocalı soyqırımı — 1992-ci il Bağla
Bize yazin Bağla