Criminals in 2017 managed to get an advanced backdoor, Triada, preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday.
Once installed, Triada’s chief purpose was to install apps that could be used to send spam and display ads. It employed an impressive kit of tools, including rooting exploits that bypassed security protections built into Android and the means to modify the Android OS’ all-powerful Zygote process, the parent from which every app process is forked. That meant the malware could directly tamper with every installed app. Triada also connected to no fewer than 17 command and control servers.
In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices, including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. The attackers used the backdoor to surreptitiously download and install modules. Because the backdoor was embedded into one of the OS libraries and located in the system section, it couldn’t be deleted using standard methods, the report said.
On Thursday, Google confirmed the Dr. Web report, although it stopped short of naming the manufacturers.
MacDailyNews Take: Google’s toxic hellstew continues to boil unabated.
People who value security and privacy use real iPhones and iPads.
[Thanks to MacDailyNews Reader “Chris” for the heads up.]
Can’t believe people put up with Google.
FTR/FWIW: The “Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20” are not exactly in the same category of manufacturer as Samsung, LG, Moto, etc.
I’d be hugely more concerned if this were confirmed for any phone I’d ever heard of. Not to gainsay that Apple doesn’t have a much higher degree of security, because it does.
Anyway, jus’ sayin’ a little perspective goes a long way in disambiguating click bait journalism from thoughtful reporting….
Maybe not top sellers, but a factual story.
Google is, along with Facebook, THE most intrusive organization in the United States, bar none!
The Android manufacturers are Chinese. The back door tools smell of state-level organization. Alongside the SuperMicro fiasco, and not wanting to sound like Bloomberg, but as a consumer who has no experience in manufacturing and software distribution points in China: how can Google, or even Apple for that matter, prevent this sort of thing? How did SuperMicro, if it’s not specifically proven, get an extra chip embedded in its hardware without knowing?
What I am trying to say: what are the control mechanisms by which Western companies, when working in hostile environments, can control and confirm that there is no compromise to the integrity of their hardware and/or software?
I am not trying to say bad things about Google, at least not about this subject. It’s quite embarrassing. But it seems everyone is working with the enemy in a zero trust environment.
Far worse things are going to happen, unless there’s a definitive playbook to prevent this from happening.
Google always gives the right information to us! That’s the reason which makes Google more trustworthy.