Home Technology Millions of new smartphones come with malware

Millions of new smartphones come with malware

Millions of new smartphones come with malware

Cheap Android smartphones very often contain malware
(photo: CC0 Public Domain)

Millions of smartphones around the world are being shipped with pre-installed malware in the firmware directly from the factories, Trend Micro experts warned at the Black Hat Asia conference.

It’s primarily low-cost Android mobile devices, although smart TVs, smartwatches and other gadgets are catching up as malware distributors, experts say.

Brands often delegate the launch of mobile devices to contractors – OEMs. Firmware developers involved in this scheme sometimes infect them with malicious code before they are shipped to customers – a threat that has been known for years, but Trend Micro characterizes it as a “growing problem for ordinary consumers and businesses”.

Installing malicious code is comparable to introducing an infection at the root of a tree, which then spreads throughout the trunk, down to the last branch and leaf, notes The Register in a publication about the negative trend in the smartphone market.

The introduction of malware started when mobile phone firmware prices crashed. The competition became so fierce that at one point the firmware was offered for free. But nothing is free, of course, and the practice of installing so-called silent plugins has spread on a large scale.

Trend Micro experts analyzed dozens of firmware samples for malicious code and found more than 80 such add-ons. Some of them are sold through closed channels, while others are delivered openly through social networks and blogs.

Smartphone malware allows interception of SMS messages, hacking of social network and messenger accounts, and profiting from advertising and click fraud schemes. Attackers gain access to data about keystrokes, geographic location of users, their IP addresses and other information.

Sometimes infected devices become proxy servers – exit nodes that are rented for up to 1,200 seconds, security experts explain.

According to the researchers, the number of infected devices is measured in the millions, with most of them in Southeast Asia and Eastern Europe – and the criminals themselves talk about 8.9 million units.

The authors of the report do not directly indicate the source of the threat, but they provide a wild card – where most OEMs are located. Malware has been found in the devices of at least 10 vendors, and about 40 more are at risk.

The way to protect against the threat is quite simple: it is recommended that buyers stick to the products of big brands, although this cannot be a guarantee of complete safety.


Please enter your comment!
Please enter your name here