Android malware: 38 new phones and tablets found to be pre-installed with virus before being sold
Over 30 different Android smartphones and tablets have been found to have had malware preinstalled on them before users even switched them on, according to a cyber security firm.
Check Point detected a “severe infection” on 38 handsets being used by two of its corporate clients, a telecommunications firm and a multinational technology company that have not been named.
The issue affects smartphones from a number of big-name brands, including Samsung, LG and Google. Those named by Check Point are:
Samsung Galaxy Note 2
LG G4
Samsung Galaxy S7
Samsung Galaxy S4
Samsung Galaxy Note 4
Samsung Galaxy Note 5
Samsung Galaxy Note 8
Xiaomi Mi 4i
Galaxy A5
ZTE x500
Samsung Galaxy Note 3
Samsung Galaxy Note Edge
Samsung Galaxy Tab S2
Samsung Galaxy Tab 2
Oppo N3
Vivo X6 plus
Nexus 5
Nexus 5X
Asus Zenfone 2
Lenovo S90
Oppo R7 plus
Xiaomi Redmi
Lenovo A850
It must be made clear, however, that not all models of the devices named above are affected.
“According to the findings, the malware were already present on the devices even before the users received them,” reads the Check Point blog post announcing the discovery.
“The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain.”
Most of the malware discovered by Check Point were info-stealers, but one of the phones had been pre-loaded with ransomware called Slocker.
Ransomware allows a hackers to lock a user out of their device, only restoring proper functionality in exchange for money.
“Pre-installed malware compromise the security even of the most careful users,” continues the report. “In addition, a user who receives a device already containing malware will not be able to notice any change in the device’s activity which often occur once a malware is installed.”
However, users can protect themselves by downloading and running a malware scanner as soon as they first fire up their new device.
WikiLeaks’ recent Vault 7 data dump raised serious alarm bells in the technology community, with allegations that the CIA and MI5 developed techniques for hacking into phones, TVs and computers.
The agency hasn't commented on the documents, but a number of major technology firms have detailed ways for users to stay safe online.