Newsletter
But let’s see where it comes from.
Cybersecurity researchers at Trend Micro have uncovered a troubling supply chain attack in which millions of Android devices are infected with information-stealing malware before they even leave the factory.
The affected devices are mostly budget smartphones, but the attack also spilled over into smartwatches, smart TVs and other smart devices.
Trend Micro senior researcher Fyodor Yarochkin and his colleague Zhengyu Dong recently discussed this topic at the Singapore conference, noting that the root of the problem comes from brutal competition between manufacturers of original equipment.
Silent connectors
As a result, smartphone manufacturers do not make every component. Firmware, for example, is being built by a third-party firmware vendor. However, as the price of mobile phone firmware dropped, suppliers ended up unable to charge money for their products.
So, Yarochkin explained, products began to come with some unwanted excess in the form of “quiet connectors.” Trend Micro found “dozens” of firmware images looking for malware and 80 different plugins. Some plugins were part of a larger “business model,” the researchers said, being sold on dark web forums and even marketed on major social media platforms and blogs.
These plugins are capable of stealing sensitive device information, stealing SMS messages, taking control of social media accounts, using devices for ad and click fraud, abusing traffic. (opens in a new tab), the list goes on. One of the most serious problems, The Register underlined, is a plug-in that allows the buyer to take full control of a device for up to five minutes and use it as an “exit node”.
Trend Micro says data suggests that nearly nine million devices worldwide are affected by this supply chain attack, most of which are in Southeast Asia and Eastern Europe. The researchers did not want to name the authors, but they did mention China a few times, the publication concluded.
Via: The Register (opens in a new tab)
Source link
Recent reports show that millions of Android phones are being shipped with pre-installed malware, putting their owners at serious risk. This dangerous development has been the focus of intensive coverage by prominent media outlets such as TechToday, who have unveiled the extent of the breach and the vulnerabilities associated with it.
Ikaroa, a full stack tech company, is raising awareness of this serious issue. By doing so, they aim to help users protect their devices and data from malware and other cyber-security threats. Ikaroa is also encouraging users to always keep their devices updated to the latest and most secure versions of their respective operating systems, and to regularly check the health of their mobile devices.
Ikaroa’s security experts strongly recommend that those affected by the recently revealed threat take proactive measures to protect themselves. This includes being especially mindful when downloading apps and only using trusted sources; scanning all devices for malware on a regular basis; ensuring that all apps are kept updated to the most recent versions available; and regularly checking for security patches from the device manufacturer.
These measures can go a long way in protecting users from falling victim to malicious software, and it is up to device owners to make sure that their data and devices are safe and secure. For those who are unsure of their device’s status, a comprehensive security solution from Ikaroa is the perfect way to ensure complete safety against malicious software.
