Categories: Malware

Trojan Comes Preinstalled on More than 40 Cheap Android Device Models

Some of the cheap Android device models comes preinstalled with Trojan Android.Triada.231 that infects Android system component Zygote where all the Android application process derived.

The Trojan injects into the module and capable of performing various malicious activities such as stealing confidential information without user’s intervention.

Security researchers from Drweb Discovered the trojan dubbed Android.Triada.231 in the middle of 2017. Now they identified another 40 devices infected with the trojan.

Researchers said “The key feature of Android.Triada.231 is that cybercriminals inject this Trojan into the libandroid_runtime.so system library. They do not distribute the Trojan as a separate program. As a result, the malicious application penetrates the device firmware during manufacture. Users receive their devices already infected from the box.”

Infected – Cheap Android device

Leagoo M5
Leagoo M5 Plus
Leagoo M5 Edge
Leagoo M8
Leagoo M8 Pro
Leagoo Z5C
Leagoo T1 Plus
Leagoo Z3C
Leagoo Z1C
Leagoo M9
ARK Benefit M8
Zopo Speed 7 Plus
UHANS A101
Doogee X5 Max
Doogee X5 Max Pro
Doogee Shoot 1
Doogee Shoot 2
Tecno W2
Homtom HT16
Umi London
Kiano Elegance 5.1
iLife Fivo Lite
Mito A39
Vertex Impress InTouch 4G
Vertex Impress Genius
Advan S5E NXT
Advan S4Z
Advan i5E
STF AERIAL PLUS
STF JOY PRO
Tesla SP6.2
Cubot Rainbow
EXTREME 7
Haier T51
Cherry Mobile Flare S5
Cherry Mobile Flare J2S
Cherry Mobile Flare P1
NOA H6
Pelitt T1 PLUS
Prestigio Grace M5 LTE
BQ 5510

The best method to get rid of the Trojan infection is to install the clean Android firmware.

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

EU Targets Stark Industries in Cyberattack Sanctions Crackdown

The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…

2 hours ago

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…

3 hours ago

GenAI Assistant DIANNA Uncovers New Obfuscated Malware

Deep Instinct’s GenAI-powered assistant, DIANNA, has identified a sophisticated new malware strain dubbed BypassERWDirectSyscallShellcodeLoader. This…

3 hours ago

Hackers Expose 184 Million User Passwords via Open Directory

A major cybersecurity incident has come to light after researcher Jeremiah Fowler discovered a publicly…

3 hours ago

New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data

A disturbing new formjacking malware has emerged, specifically targeting WooCommerce-based e-commerce sites to steal sensitive…

3 hours ago

GitLab Duo Vulnerability Exploited to Inject Malicious Links and Steal Source Code

A security vulnerability was recently discovered in GitLab Duo, the AI-powered coding assistant integrated into…

4 hours ago