Report finds Android malware pre-installed on hundreds of phones

Latest news

    This isn’t the first time we’ve seen bad apps pre-installed, as Lenovo famously shipped the “Superfish” malware with brand new PCs. It’s one of the bigger scandals related to malware installed on Android devices, however, and might affect a lot more users.

    There are a couple of different variants of the Android malware APKs, but they work on the same principal.The infected apps, called droppers, are installed in a hidden way in a list of system applications in the settings. They download a small file called a manifest that tells the app what other files to gets. It then downloads those and installs an APK from an URL found in the manifest, and uses a standard Android command to install it. Finally, it starts the payload service.

    The payload APK contains Google, Facebook and Baidu ad frameworks. It is able to detect any antivirus software, and will “hold back any suspicious actions in this case,” said Avast. If not, it will show popup ads for sketchy games while you surf on your default browser. That’s already a big nuisance, but could get a lot worse if you actually installed any of the games.

    The top countries affected are Russia, Italy, Germany, the UK and France. Avast managed to disable the dropper server via takedown requests, but it was quickly restored using another provider. The adware servers are still operating, and lots of users have complained about it, the company notes.

    Avast contacted Google, which “has taken steps to mitigate the malicious capabilities of many app variants on several device models, using internally developed techniques,” said the company. Specifically, Google Play Protect should automatically disable the dropper and the payload, if it’s available.

    View the original article: https://www.engadget.com/2018/05/24/report-finds-android-malware-pre-installed-on-hundreds-of-phones/

    Another solution, of course, is to use mobile antivirus software that Avast just happens offer (or another antivirus app, we presume). That should uninstall the payload, but you’ll have to manually go into your settings to disable the dropper. For more information about how to do that, check here.

    In the same category are

    Why Elon Musk isn’t the hero we imagined Here's the downside to all of that utopianism: As it stands, the Model 3 isn't really ready to go, despite currently being sold to pre-order customer...
    Dr. Julius Neubronner’s fantastic flying cameras Between 1908 and 1909, Neubronner's pigeon camera was covered in various newspapers, including the New-York Daily Tribune, The Columbian, the Los Ange...
    Magic Leap’s lackluster AR demo proves hardware is still hard The next day, Magic Leap co-founder Rony Abrovitz went on Twitter to explain that the video was a teaching tool for the creator and developer communit...
    Amazon’s Part Finder helps you find those weird screws you need Amazon added the feature to its iOS app a couple of weeks back, it confirmed to TechCrunch, but didn't announce Part Finder or even mention it in the ...
    The Morning After: How Android stifles competition It's probably better just to wait for the battery to recharge.Zero motorcycle's modular battery is one pricey upgrade Electric motorcycles can be a t...
    Fujifilm’s oddball XF10 fixed-lens APS-C camera costs only $500 The XF10 is essentially a 1080p 60fps camera, as it does shoot 4K but at a rather useless 15 fps. The ISO ranges from 200 to 12,800, expandable from I...

    Leave a comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.