Friday, May 25, 2018

Why go through all the trouble to download Malware, why not just get it pre-installed. More than 100 different low-cost Android models from manufacturers such as ZTE, Archos, and myPhone ship with malware pre-installed.



Avast has found that many low-cost, non-Google-certifed Android  phones shipped with a strain of malware built in that could send users to download apps they didn’t intend to access. The malware, called called Cosiloon, overlays advertisements over the operating system in order to promote apps or even trick users into downloading apps

The app consists of a dropper and a payload. “The dropper is a small application with no obfuscation, located on the /system partition of affected devices. The app is completely passive, only visible to the user in the list of system applications under ‘settings.’ We have seen the dropper with two different names, ‘CrashService’ and ‘ImeMess,'” wrote Avast. The dropper then connects with a website to grab the payloads that the hackers wish to install on the phone.


https://techcrunch.com/2018/05/24/some-low-cost-android-phones-shipped-with-malware-built-in/

No comments:

Post a Comment