26 Android Models shipped with pre-installed Malware

Image courtsey – steamfeed.com

OK go on and say it – Nik you have something against the Android.

I don’t. I really don’t. I don’t like the whole Android eco-sytem or the whole fractured distribution model but I personally have nothing against Android. It was a bold and ambitious move by Google which certainly did pay off very well. At least for Google. So what if the consumers were the collateral damage in the war between Android and iOS? Who cares?

This week a recent report [PDF] by the German security firm G Data highlights the presence of at least 26 Android Models which are shipped with Pre-installed malware on the phones.This malware is usually in the form of spoofed apps, for instance Facebook which are already installed on the device with a much extended set of permissions that are required by the original app to function along with a malicious code base. This allows the installer of this dubious app to carry out a complete surveillance of the phone without the user’s knowledge or permission. From the report I quote

EXAMPLE: MANIPULATED FACEBOOK APP
A common method is to manipulate a legitimate, popular app such as the Facebook app. All of the usual Facebook functions are available in the manipulated version. Users do not notice the surreptitious access, but the range of functions is expanded by the attached malware, enabling third parties to access the
entire device without asking for the user’s consent. The permissions have already been approved by the owner prior to commissioning the device. Hence the user only notices the malicious app when he installs a security solution such as G DATA INTERNET SECURITY FOR ANDROID.

 

Now to be fair to Android and the OEMs the security firm does suspect that this is some kind of a man in the middle attack.  The experts suspect middlemen are behind this, who have changed the firmware so that they can potentially steal user data and make money through advertising. My contention however is that the middlemen are able to do this because of such lax controls around Android. I don’t see an immediate resolution to the problem of this fractured universe in fact if the trends are to go by it would appear that this would become much much worse before it gets better.

This is a partial list of the handsets/models which have been identified in this report

INFECTED MODELS
(EXCERPT)
Xiaomi MI3
Huawei G510
Lenovo S860
Alps A24
Alps 809T
Alps H9001
Alps 2206
Alps PrimuxZeta
Alps N3
Alps ZP100
Alps 709
Alps GQ2002
Alps N9389
Andorid P8
ConCorde SmartPhone6500
DJC touchtalk
ITOUCH
NoName S806i
SESONN N9500
SESONN P8
Xido X1111

Leave a Comment

Your email address will not be published.

3 Trackbacks