Pre-infected Android Phones Now Available

Don’t have time to go out and find some mobile malware for that new phone of yours? Now you don’t have to! As a bonus, it can be installed with “System” permissions, so you can’t get rid of it even if you wanted to! How cool is that? It kind of takes the fun out of poking around seedy internet sites while trying to get infected, but thanks to the supply chain injecting malware into your pristine ROM, you don’t have to waste any time.

Check Point found that phones by Samsung, Google, Xiaomi, ZTE, Oppo, Vivo, Asus, and Lenovo have been sold with malware such as Loki (advertising) or Slocker (ransomware) already installed. Note that this does not mean that all phones are infected, but rather that the infection happened somewhere in the supply chain. It is a good reason to buy only from reputable sources and to run a malware check on any new phone.

This is the list of infections spotted so far by Check Point, given as the malware package name followed by the device(s) it was found on:

com.fone.player1: Galaxy Note 2, LG G4
com.lu.compass: Galaxy S7, Galaxy S4
com.kandian.hdtogoapp: Galaxy Note 4, Galaxy Note 8.0
com.sds.android.ttpod: Galaxy Note 2, Xiaomi Mi 4i
com.baycode.mop: Galaxy A5
com.kandian.hdtogoapp: Galaxy S4
com.iflytek.ringdiyclient: ZTE x500
com.android.deketv: Galaxy A5
com.changba: Galaxy S4, Galaxy Note 3, Galaxy S4, Galaxy Note Edge, Galaxy Note 4
com.example.loader: Galaxy Tab S2
com.armorforandroid.security: Galaxy Tab 2
com.android.ys.services: Oppo N3, vivo X6 plus
com.mobogenie.daemon: Galaxy S4
com.google.googlesearch: 5 Asus Zenfone 2, LenovoS90
com.skymobi.mopoplay.appstore: LenovoS90
com.example.loader: OppoR7 plus
com.yongfu.wenjianjiaguanli: Xiaomi Redmi
air.fyzb3: Galaxy Note 4
com.ddev.downloader.v2: Galaxy Note 5
com.mojang.minecraftpe: Galaxy Note Edge
com.androidhelper.sdk: Lenovo A850

Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec.
