36 widely-used Android devices ship with malware preinstalled

“The Check Point Mobile Threat Prevention has recently detected a severe infection in 36 Android devices, belonging to a large telecommunications company and a multinational technology company. While this is not unusual, one detail of the attacks stands out,” Oren Koriat reports for Check Point. “In all instances, the malware was not downloaded to the device as a result of the users’ use, it arrived with it.”

“According to the findings, the malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain,” Koriat reports. “Six of the malware instances were added by a malicious actor to the device’s ROM using system privileges, meaning they couldn’t be removed by the user and the device had to be re-flashed.”

“Most of the malware found to be pre-installed on the devices were info-stealers and rough ad networks, and one of them was Slocker, a mobile ransomware. Slocker uses the AES encryption algorithm to encrypt all files on the device and demand ransom in return for their decryption key,” Koriat reports. “The discovery of the pre-installed malware raises some alarming issues regarding mobile security. Users could receive devices which contain backdoors or are rooted without their knowledge.”

More info, including the full list of Samsung, Oppo, Lenovo, Asus, and Xiaomi Android phones, is in the full Check Point article.

MacDailyNews Take: iOS unaffected.

Anyone who values their security and privacy would be foolish to use any device that fails to sport the Apple logo. – MacDailyNews, March 22, 2016


[Thanks to MacDailyNews Reader “Dan K.” for the heads up.]


    1. Yes, US. A variety of carriers and phones. How the malware is being put onto the devices is unclear. So far, the results have been published from two unnamed companies where infected Android devices were found. There is A LOT more to be revealed about this situation as the investigation continues.

      These days, there are so many ways to compromise computing devices that it’s a waste of time to guess about infection vectors. That such a wide variety of Android devices at apparently a variety of companies among a variety of employees allows so far only one reliable conclusion:

      Android remains the single most dangerous operating system available today. So don’t. Just don’t.

  1. larrymagoo,

    Just because you have a “Smart” TV doesn’t mean you have to set it up so it’s connected to the net. If you’re worried about this then reset the TV and don’t allow it to connect to your wi-fi.

    I have an old WD TV media player which I use for converted dvds and blurays. I reset the sucker and so it doesn’t connect to the net. I did the same with my TV. You could argue that I’m hobbling the system and going back 10 to 15 years in technology but at least I know it’s secure.
