Don’t have time to go out and find some mobile malware for that new phone of yours? Now you don’t have to! As a bonus, it can be installed with “System” permissions, so you can’t get rid of it even if you wanted to! How cool is that? It kind of takes the fun out of poking around seedy internet sites while trying to get infected, but thanks to the supply chain injecting malware into your pristine ROM, you don’t have to waste any time.
Check Point found that phones by Samsung, Google, Xiaomi, ZTE, Oppo, Vivo, Asus, and Lenovo have been sold with malware such as Loki (advertising) or Slocker (ransomware) already installed. Note that this does not mean that all phones are infected, but rather that this has happened somewhere in the supply chain. That is a good reason to buy only from reputable sources and to run a malware check on any new phone.
This is the list of infections spotted so far by Check Point:

| Package name | Device |
| --- | --- |
| com.fone.player1 | Galaxy Note 2 |
| | LG G4 |
| com.lu.compass | Galaxy S7 |
| | Galaxy S4 |
| com.kandian.hdtogoapp | Galaxy Note 4 |
| | Galaxy Note 8.0 |
| com.sds.android.ttpod | Galaxy Note 2 |
| | Xiaomi Mi 4i |
| com.baycode.mop | Galaxy A5 |
| com.kandian.hdtogoapp | Galaxy S4 |
| com.iflytek.ringdiyclient | ZTE x500 |
| com.android.deketv | Galaxy A5 |
| com.changba | Galaxy S4 |
| | Galaxy Note 3 |
| | Galaxy S4 |
| | Galaxy Note Edge |
| | Galaxy Note 4 |
| com.example.loader | Galaxy Tab S2 |
| com.armorforandroid.security | Galaxy Tab 2 |
| com.android.ys.services | Oppo N3 |
| | vivo X6 plus |
| com.mobogenie.daemon | Galaxy S4 |
| com.google.googlesearch | 5 Asus Zenfone 2 |
| | LenovoS90 |
| com.skymobi.mopoplay.appstore | LenovoS90 |
| com.example.loader | OppoR7 plus |
| com.yongfu.wenjianjiaguanli | Xiaomi Redmi |
| air.fyzb3 | Galaxy Note 4 |
| com.ddev.downloader.v2 | Galaxy Note 5 |
| com.mojang.minecraftpe | Galaxy Note Edge |
| com.androidhelper.sdk | Lenovo A850 |
Erich Kron is the Security Awareness Advocate at KnowBe4, and has over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army 2nd Regional Cyber Center-Western Hemisphere.