Malware News Android Adware and Ransomware Found Preinstalled on High-End Smartphones

Solarquest

Two companies have discovered that someone had covertly installed malware on 38 devices used by their employees.

According to security firm Check Point, the installation of the malicious apps took place somewhere along the supply chain, after phones left the manufacturer's factory and before they arrived at the two companies.

Phones infected with Loki and Slocker
Researchers say they've identified two malware families on the infected phones. These are the Loki adware/infostealer and Slocker mobile ransomware.

On most phones, researchers say they've spotted the Loki malware, which is a very powerful malware family, capable of gaining root privileges and infecting even Zygote, one of the Android operating system core processes.

While Loki can do a lot of harm, in most cases, the malware is used as an infostealer to gather data from infected devices, but also as adware, showing ads on top of other apps.

On the other hand, Slocker infections were rarer, but if activated, this ransomware can lock devices using an AES encryption algorithm, and talk covertly to its C&C servers located on Tor servers.

Only 38 smartphones found infected
......
 

Deletedmessiah

For a moment I got scared thinking that a phone OEM themself installed the adware and ransomware.
 
