Report finds Android malware pre-installed on hundreds of phones

Latest news

    This isn’t the first time we’ve seen bad apps pre-installed, as Lenovo famously shipped the “Superfish” malware with brand new PCs. It’s one of the bigger scandals related to malware installed on Android devices, however, and might affect a lot more users.

    There are a couple of different variants of the Android malware APKs, but they work on the same principal.The infected apps, called droppers, are installed in a hidden way in a list of system applications in the settings. They download a small file called a manifest that tells the app what other files to gets. It then downloads those and installs an APK from an URL found in the manifest, and uses a standard Android command to install it. Finally, it starts the payload service.

    The payload APK contains Google, Facebook and Baidu ad frameworks. It is able to detect any antivirus software, and will “hold back any suspicious actions in this case,” said Avast. If not, it will show popup ads for sketchy games while you surf on your default browser. That’s already a big nuisance, but could get a lot worse if you actually installed any of the games.

    The top countries affected are Russia, Italy, Germany, the UK and France. Avast managed to disable the dropper server via takedown requests, but it was quickly restored using another provider. The adware servers are still operating, and lots of users have complained about it, the company notes.

    Avast contacted Google, which “has taken steps to mitigate the malicious capabilities of many app variants on several device models, using internally developed techniques,” said the company. Specifically, Google Play Protect should automatically disable the dropper and the payload, if it’s available.

    View the original article: https://www.engadget.com/2018/05/24/report-finds-android-malware-pre-installed-on-hundreds-of-phones/

    Another solution, of course, is to use mobile antivirus software that Avast just happens offer (or another antivirus app, we presume). That should uninstall the payload, but you’ll have to manually go into your settings to disable the dropper. For more information about how to do that, check here.

    In the same category are

    Belkin’s wireless charging dock handles your iPhone XS and Apple Watch Besides a relatively clean design, it promises up to 7.5W for Qi-enabled devices (that should work through cases up to 3mm thick), 5W/1A charging for ...
    SpaceX gives us a glimpse of its Mars base vision Mars Base Alpha pic.twitter.com/O1llQp8rFY — Elon Musk (@elonmusk) September 21, 2018 pic.twitter.com/Fn0hKJd3uJ — Elon Musk (@elonmusk) September 2...
    FCC’s Ajit Pai labels California net neutrality law ‘illegal’ Suggesting that the FCC would pull federal rank over state's rights, he reminded his well-heeled audience: "In fact, just last week, the US Court of A...
    Google tests see-through mode, better motion tracking for Daydream Secondly, the company says it's adding APIs that support position controller tracking with six degrees of freedom, which will enable more real-world,...
    Here’s every Alexa device Amazon announced today Echo Dot The revamped Echo Dot has a new look, with rounded edges, and packs more punch, with a 1.6-inch driver delivering 70-percent-louder audio th...
    Amazon’s new Echo lineup targets Google, Apple and Sonos Just like the Dot, the Plus sounds a lot better this year than last. I was impressed by just how booming the bass sounded, and I thought the highs sou...

    Leave a comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.