Android devices shipped with malware
Check Point Software has announced it has uncovered instances of Android devices that shipped to end users with malware preinstalled on the devices somewhere along the supply chain.
The company’s Mobile Threat Prevention system detected infections in 38 Android devices belonging to two unnamed large ICT companies.
The malicious apps were present on the devices but were not part of the official ROM supplied by the vendor, but were instead added somewhere further down the supply chain. Six malware instances were added using system privileges, meaning they could not be removed by the user.
Most of the malware found to be preinstalled were information stealers and rough ad networks, such as the complex Loki malware, but the list also included the Slocker mobile ransomware.
In a blog post, Check Point Cyber Analyst Oren Koriat noted that the most insidious aspect of preinstalled malware is that it can compromise the security of even the most careful users.
“The discovery of the preinstalled malware raises some alarming issues regarding mobile security. Users could receive devices which contain backdoors or are rooted without their knowledge,” he said.
“To protect themselves from regular and preinstalled malware, users should implement advanced security measures capable of identifying and blocking any abnormality in the device’s behaviour.”
Accenture to spend $6bn growing its OT security business
Accenture has arranged to acquire a majority stake in OT security company Dragos and complete two...
ACSC critical alert for Fortinet Firewalls and VPN Gateways
The Australian Cyber Security Centre has raised an alert that it is aware a widespread malicious...
Check Point and Illumio team up to counter AI threats
Check Point and Illumio have announced an expanded partnership aimed at helping organisations...
