Malware Preinstalled on Many Android Phones
Android phones from a variety of companies have reached business employees with malware already installed according to researchers. How and why it got there is not yet confirmed.
The report comes from Checkpoint, a security company. It says it was examining devices used by staff at two businesses: one a "large telecommunications company" and the other a "multinational technology company." (Source: checkpoint.com)
While it's not unusual to find malware on employee phones during some checks -- that's partly the purpose of hiring services such as Checkpoint. Researcher Oren Koriat says what makes this unusual is that the malware had clearly been preinstalled rather than getting on the phones while the employees were using them.
Ramsomware And Adware Present
In total, 36 devices were found to have malicious applications preinstalled. More than 20 different makes and models of phones were affected.
In six cases, the malware had been installed on the system's read-only memory, meaning it couldn't be removed and instead the phone had to be completely wiped clean and the operating system reinstalled.
The malware was mainly made up of applications designed to steal information, plus applications that display unwanted ads on the phone as part of a scam to claim money from advertisers. One device had an application that could encrypt the device's files to set up a ransom demand.
Security Breached in Supply Chain
Checkpoint's investigation showed that the malware wouldn't have been in place when the phone was dispatched by the original manufacturers, meaning it was added somewhere in the supply chain.
Koriat says it isn't clear if the people behind the malware were intentionally targeting the companies that used the phones, or if it was part of a larger-scale scheme.
According to Koriat, companies giving staff new phones should consider scanning them for malware before use, as well as using good security practice from day to day. The incident may also suggest companies need to carefully vet suppliers when buying phones from those other than the original manufacturers. (Source: sophos.com)
What's Your Opinion?
Do you think this is likely to be a widespread problem? Should Google insist a basic security scanner is included all Android devices, similar to the built-in Windows security tools? Should resellers be expected to check phones before passing them on to customers?
Infopackets Top Windows 10 FAQs
How to Upgrade from Windows 10 32-bit to 64-bit
How to Fix: Windows 10 Antivirus Missing, Not Compatible
How to Fix: Windows 10 Display Shifted; Screen Fuzzy
How to Upgrade Windows 7, 8 32-bit to Windows 10 64-bit
to Downgrade from Windows 10
- How to Fix: Windows 10 Upgrade Failed Error C1900208
- How to Fix: Windows 10 Upgrade Failed Error 80240020
- Can I Cancel my Windows 10 Reservation and Reserve Later?
- How to Clean Install Windows 10 using Windows 7, 8 License
- Will Windows 10 Install Automatically?
- Windows 10 Upgrade: Do I have to Reinstall Programs?
- Windows 10 Upgrade: Can I choose 32-bit or 64-bit?
- Which Version of Windows 10 Will I Get (Home or Pro)?
- How to Reserve Windows 10 Upgrade (Free)
- How to Fix: CPU Not Compatible with Windows 10 Error
- Windows 10 Upgrade: Can I keep my Old Windows Install?
- How to Cancel Windows 10 Reservation (Properly)
- Download Windows 10 .ISO (DVD) for Clean Install?
- Microsoft: Windows 10 Will Be The Last Version
- Does Windows 10 require the CPU to support PAE?
- Windows 10: Can I Upgrade or do I need a Clean Install?
Click here for more Windows 10 articles.