The latest Android smartphones are being infected by malware out of the box.
Previously, such infections occurred due to an insecure practice like clicking on a suspicious link or by downloading a shady application. However, it is lately being seen that the latest Android smartphones are being infected even prior to use.
The discovery was made by Check Point, a cyber security company, which raised these concerns regarding security for Android devices. This makes it all the more important to use a malware scanner even for a new mobile phone.
Malware Pre Installed
Check Point has published a post in its blog that the company had discovered severe infections on 38 devices that were running on Android. This is not surprising, as more and more hackers have started using malware. However, what is surprising is that such kind of malware has not been downloaded into the smartphone, but rather it comes pre installed with the device.
The malware is present in the smartphones and other devices even before they reach the users. However, the malware was not present in the ROM that the vendor supplied, so this means that the malware has been introduced into the devices somewhere down the supply chain.
Malware on ROM
Moreover, it was seen by the cyber security company that in six of the cases, the malware had been added on the ROM of the device with the use of system privileges. Users will not be able to remove such malware from their devices, as it needs re flashing to remove the malware.
Kind of Malware
Much of the malware that was seen on the infected Android devices consisted of information stealing and advertising networking types. Slocker was one such malicious app, a mobile malware encrypting files on the device with the use of AES algorithm. It then demands a ransom when the victim wants the decryption key. Loki is an advertising network. It is a little complex and shows illegitimate ads on the device to generate revenue.
Smartphones with Malware
The smartphones that were seen to have such malware installed on them were those by Samsung and Google, as well as Xiaomi, Oppo, Vivo, Lenovo and Asus among others. However, it does not mean to say that all the devices of these smartphone models will be infected out of the box.
The 38 Android phones and devices that were seen to have these type of malware pre installed in them came from two companies, namely a telecommunication company and a multinational tech company. It is possible that those who installed the malware in the supply chain have specifically aimed at these two companies.
In order to protect oneself from such risks of malware right out of the box in case of these smartphones and devices, it is important to buy the device from a verified seller. Once the device has been received, it is also important that you immediately download the malware scanner, so that the device does not come in contact with any free malware or a ransomware.