Check Point Mobile Threat Prevention, which is also a maker of cybersecurity products, has recently published a report. They found malware on 36 Android handsets that were being used by a large telecommunications company. Detecting malware on an Android device is not unusual. What is strange about this discovery is that the malware came preinstalled on the devices.
The malware was not installed by the users; it was already present when they bought the devices. It was not part of the official ROM but was installed using system privileges, meaning that users cannot remove the infected apps until the device is re-flashed.
Some of the preinstalled malware was capable of stealing user information, while some samples were just simple rough ad networks. The report published by Check Point Software Technologies mentions two examples. The first is Adnet, which is the Loki malware; it is capable of installing itself and can take full control of the infected device. The other is Slocker, which is ransomware. Ransomware is malware that encrypts the user files present on a device and then demands a ransom for the decryption key.
This is not the first time that Android devices have shipped with preinstalled malware. In November 2016, researchers found that devices manufactured by BLU were infected by backdoors. The infected devices were estimated to number in the hundreds of thousands. Separate research, conducted by a different team a few days later, uncovered another backdoor, which was found on approximately 3 million Android devices from BLU and other Android device manufacturers.
Users should scan their devices regularly using well-known malware scanners, which include Lookout, 360 Security, Check Point, AndroHelm’s Mobile Security and Malwarebytes. It is also recommended to buy Android devices from reputable sellers.
Here is the list of infected APKs and infected devices found by Check Point Software Technologies:
| List of Malware APKs | Affected Devices |
| --- | --- |
| com.fone.player1 | Galaxy Note 2 |
| | LG G4 |
| com.lu.compass | Galaxy S7 |
| com.kandian.hdtogoapp | Galaxy Note 4 |
| | Galaxy Note 8.0 |
| com.sds.android.ttpod | Galaxy Note 2 |
| | Xiaomi Mi 4i |
| com.baycode.mop | Galaxy A5 |
| com.kandian.hdtogoapp | Galaxy S4 |
| com.iflytek.ringdiyclient | ZTE x500 |
| com.android.deketv | Galaxy A5 |
| com.changba | Galaxy S4 |
| | Galaxy Note 3 |
| | Galaxy Note Edge |
| | Galaxy Note 4 |
| com.example.loader | Galaxy Tab S2 |
| com.armorforandroid.security | Galaxy Tab 2 |
| com.android.ys.services | Oppo N3 |
| | Vivo X6 plus |
| com.mobogenie.daemon | Galaxy S4 |
| com.google.googlesearch | Asus Zenfone 2 |
| com.example.loader | Oppo R7 plus |
| com.yongfu.wenjianjiaguanli | Xiaomi Redmi |
| air.fyzb3 | Galaxy Note 4 |
| com.ddev.downloader.v2 | Galaxy Note 5 |
| com.mojang.minecraftpe | Galaxy Note Edge |
| com.androidhelper.sdk | Lenovo A850 |
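
The check below is an added example, not code from Check Point or from this article: it parses the output of `adb shell pm list packages -f` and reports which package names from the table are present, and whether each APK sits on a read-only system partition (the preinstalled case described above) or on the data partition. The function names, the partition list and the sample output are assumptions constructed for illustration.

```python
"""Triage `adb shell pm list packages -f` output against the article's package names."""

# Package names copied from the table above (names only; the page gives no hashes).
WATCHLIST = set("""
com.fone.player1 com.lu.compass com.kandian.hdtogoapp com.sds.android.ttpod
com.baycode.mop com.iflytek.ringdiyclient com.android.deketv com.changba
com.example.loader com.armorforandroid.security com.android.ys.services
com.mobogenie.daemon com.google.googlesearch com.yongfu.wenjianjiaguanli
air.fyzb3 com.ddev.downloader.v2 com.mojang.minecraftpe com.androidhelper.sdk
""".split())

# Read-only partitions (assumed list): an APK stored here cannot be uninstalled
# by the user, which matches the "stays until re-flash" case in the article.
SYSTEM_PREFIXES = ("/system/", "/system_ext/", "/vendor/", "/product/", "/oem/")


def parse_pm_list(text):
    """Yield (package, apk_path) from lines like 'package:/path/base.apk=com.foo'."""
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue  # skip blank lines, adb warnings and other noise
        # The path may itself contain '=' (randomised /data/app directories),
        # so split on the last '=' rather than the first.
        path, sep, name = line[len("package:"):].rpartition("=")
        if sep and name:
            yield name, path


def triage(text):
    """Return {package: 'system-partition' | 'data-partition'} for watchlisted names."""
    hits = {}
    for name, path in parse_pm_list(text):
        if name in WATCHLIST:
            on_system = path.startswith(SYSTEM_PREFIXES)
            hits[name] = "system-partition" if on_system else "data-partition"
    return hits


# Constructed sample output, not taken from a real device.
SAMPLE = """\
package:/system/priv-app/Loader/Loader.apk=com.example.loader
package:/data/app/~~Qx1y==/com.mojang.minecraftpe-Ab3d==/base.apk=com.mojang.minecraftpe
package:/system/app/Calculator/Calculator.apk=com.android.calculator2
package:/vendor/app/Compass/Compass.apk=com.lu.compass
"""

if __name__ == "__main__":
    for pkg, where in sorted(triage(SAMPLE).items()):
        print(f"{pkg}: {where}")
```

A name match is only a triage hint: some of the listed names, such as com.mojang.minecraftpe, are also the package names of legitimate apps, so a hit should be confirmed with one of the scanners mentioned above before acting on it.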