Android malware: 38 new phones and tablets found to be pre-installed with virus before being sold

The issue affects smartphones from a number of big-name brands, including Samsung, LG and Google

Aatif Sulleyman
Monday 13 March 2017 11:53 GMT
Comments
The findings have raised further alarm bells in technology community, following WikiLeaks' recent Vault 7 data dump
The findings have raised further alarm bells in technology community, following WikiLeaks' recent Vault 7 data dump (Justin Sullivan/Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Over 30 different Android smartphones and tablets have been found to have had malware preinstalled on them before users even switched them on, according to a cyber security firm.

Check Point detected a “severe infection” on 38 handsets being used by two of its corporate clients, a telecommunications firm and a multinational technology company that have not been named.

The issue affects smartphones from a number of big-name brands, including Samsung, LG and Google. Those named by Check Point are:

  • Samsung Galaxy Note 2
  • LG G4
  • Samsung Galaxy S7
  • Samsung Galaxy S4
  • Samsung Galaxy Note 4
  • Samsung Galaxy Note 5
  • Samsung Galaxy Note 8.0
  • Xiaomi Mi 4i
  • Galaxy A5
  • ZTE x500
  • Samsung Galaxy Note 3
  • Samsung Galaxy Note Edge
  • Samsung Galaxy Tab S2
  • Samsung Galaxy Tab 2
  • Oppo N3
  • Vivo X6 plus
  • Nexus 5
  • Nexus 5X
  • Asus Zenfone 2
  • Lenovo S90
  • Oppo R7 plus
  • Xiaomi Redmi
  • Lenovo A850

It must be made clear, however, that not all models of the devices named above are affected.

“According to the findings, the malware were already present on the devices even before the users received them,” reads the Check Point blog post announcing the discovery.

“The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain.”

Most of the malware discovered by Check Point were info-stealers, but one of the phones had been pre-loaded with ransomware called Slocker.

Ransomware allows a hackers to lock a user out of their device, only restoring proper functionality in exchange for money.

“Pre-installed malware compromise the security even of the most careful users,” continues the report. “In addition, a user who receives a device already containing malware will not be able to notice any change in the device’s activity which often occur once a malware is installed.”

However, users can protect themselves by downloading and running a malware scanner as soon as they first fire up their new device.

WikiLeaks’ recent Vault 7 data dump raised serious alarm bells in the technology community, with allegations that the CIA and MI5 developed techniques for hacking into phones, TVs and computers.

The agency hasn't commented on the documents, but a number of major technology firms have detailed ways for users to stay safe online.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in