A new landscape study states that an upcoming mobile devices may comes with per-installed mobile malware along with malicious code in it.
Per-installed malware means that the mobile device already installed with malicious code in system level that cannot be removed easily.
There are two types of pre-installed malware that is based on the apps location which is one of the important aspects of the apps.
1 ./system/app/ – The apps which
2. /system/priv-app/ – This is very important app location and most of the important apps such as settings and system UI, which include the functionality for the back/home buttons on Android devices reside in it.
The First location let allow users to uninstall some apps easily but the
In this case, latest preinstalled malware that reside in the /system/priv-app/ that is quite difficult to remove it.
Pre-Installed Mobile Malware
THL T9 Pro, a device that contains pre-
Researchers analyzed the code of this malware and confirmed that
the well-known preinstalled malware
This Malware infects the system UI and repeatedly installs variants of Android malware to eventually steal the sensitive information.
Another device is UTOK Q55 that infect with Potentially Unwanted Programs (PUPs) monitoring apps that collect and report sensitive information from the device.
“This particular Monitor app is hardcoded in the highly-important Settings app. In effect, the app used to uninstall other apps would need to be uninstalled itself to remediate—pure irony.”
- Stay away from devices with these infections. Here are the manufacturers/models we have seen so far that have been impacted:
- THL T9 Pro
- UTOK Q55
- BLU Studio G2 HD
- If you already bought one, return the device.
- If you already bought the device and can’t return it, contact the manufacturer.