Two companies have discovered that someone had covertly installed malware on 38 devices used by their employees.
According to security firm Check Point, the installation of the malicious apps took place somewhere along the supply chain, after phones left the manufacturer's factory and before they arrived at the two companies.
Phones infected with Loki and Slocker
Researchers say they've identified two malware families on the infected phones. These are the Loki adware/infostealer and Slocker mobile ransomware.
On most phones, researchers say they've spotted the Loki malware, a very powerful malware family capable of gaining root privileges and infecting even Zygote, one of the Android operating system's core processes.
While Loki can do a lot of harm, in most cases, the malware is used as an infostealer to gather data from infected devices, but also as adware, showing ads on top of other apps.
On the other hand, Slocker infections were rarer, but if activated, this ransomware can lock devices using an AES encryption algorithm and communicate covertly with its C&C servers located on Tor servers.
Only 38 smartphones found infected
......