Don’t have time to go out and find some mobile malware for that new phone of yours? Now you don’t have to! As a bonus, it can be installed with “System” permissions so you can’t get rid of it even if you wanted to! How cool is that? It kind of takes the fun out of poking around seedy internet sites while trying to get infected, but thanks to the supply chain injecting malware in to your pristine ROM, you don’t have to waste any time.
Check Point found that phones by Samsung, Google, Xiaomi, ZTE, Oppo, Vivo, Asus, and Lenovo have been sold with malware such as Loki (advertising) or Slocker (ransomware) already installed. Note, this does not mean that all phones are infected, but rather that somewhere in the supply chain, this has happened. A good reason to only buy from reputable sources and go ahead and run a malware check on any new phone.
This is the list of infections spotted so far by Check Point
|com.fone.player1||Galaxy Note 2|
|com.kandian.hdtogoapp||Galaxy Note 4|
|Galaxy Note 8.0|
|com.sds.android.ttpod||Galaxy Note 2|
|Xiaomi Mi 4i|
|Galaxy Note 3|
|Galaxy Note Edge|
|Galaxy Note 4|
|com.example.loader||Galaxy Tab S2|
|com.armorforandroid.security||Galaxy Tab 2|
|vivo X6 plus|
|com.google.googlesearch||5 Asus Zenfone 2|
|air.fyzb3||Galaxy Note 4|
|com.ddev.downloader.v2||Galaxy Note 5|
|com.mojang.minecraftpe||Galaxy Note Edge|
Erich Kron is the Security Awareness Advocate at KnowBe4, and has over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army 2nd Regional Cyber Center-Western Hemisphere.