A new landscape study states that upcoming mobile devices may come with pre-installed mobile malware containing malicious code.
Pre-installed malware means that the mobile device ships with malicious code already installed at the system level, where it cannot be removed easily.
There are two types of pre-installed malware, based on the location of the apps, which is one of their important aspects.
1. /system/app/ – Apps in this location are ones that you regularly use, such as the camera, FM, video player and photo viewers.
2. /system/priv-app/ – This is a very important app location; most of the important apps reside here, such as Settings and System UI, which includes the functionality for the back/home buttons on Android devices.
The first location allows users to uninstall some apps easily, but the second location does not allow users to uninstall apps without breaking core essentials.
In this case, the latest preinstalled malware resides in /system/priv-app/, which makes it quite difficult to remove.
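An added example, not code from the study or from Malwarebytes: it takes the text printed by `adb shell pm list packages -f` and groups the installed packages by the two system locations described above, so that an unexpected package under /system/priv-app/ stands out during triage. The sample output and its package names are constructed, and treating /data/app/ as the user-installed location is an assumption of this example.

```python
from collections import defaultdict

# Constructed sample of `adb shell pm list packages -f` output (not from a real device).
SAMPLE = """\
package:/system/priv-app/Settings/Settings.apk=com.android.settings
package:/system/priv-app/SystemUI/SystemUI.apk=com.android.systemui
package:/system/app/Camera2/Camera2.apk=com.android.camera2
package:/system/app/FMRadio/FMRadio.apk=com.example.fmradio
package:/data/app/~~Zm9v==/com.example.notes-YmFy==/base.apk=com.example.notes
garbage line
"""

# Path prefix -> label. The first two are the locations named in the article;
# /data/app/ (user-installed apps) is an assumption added for contrast.
LOCATIONS = (
    ("/system/priv-app/", "priv-app"),
    ("/system/app/", "system-app"),
    ("/data/app/", "user-app"),
)

def parse_line(line):
    """Return (apk_path, package_name), or None if the line is not a package record."""
    line = line.strip()
    if not line.startswith("package:"):
        return None
    body = line[len("package:"):]
    # Paths under /data/app/ can contain '=', so split on the last '=' only.
    path, sep, name = body.rpartition("=")
    if not sep or not path or not name:
        return None
    return path, name

def classify(path):
    """Map an APK path to one of the location labels, or 'other'."""
    for prefix, label in LOCATIONS:
        if path.startswith(prefix):
            return label
    return "other"

def inventory(text):
    """Group package names by install location."""
    groups = defaultdict(list)
    for line in text.splitlines():
        rec = parse_line(line)
        if rec:
            groups[classify(rec[0])].append(rec[1])
    return {label: sorted(names) for label, names in groups.items()}

if __name__ == "__main__":
    for label, names in sorted(inventory(SAMPLE).items()):
        print(f"{label}: {', '.join(names)}")
```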
The THL T9 Pro is a device that contains pre-installed riskware that performs various malicious activities.
Researchers analyzed the code of this malware and confirmed that
the well-known preinstalled malware Adups.
This malware infects the system UI and repeatedly installs variants of Android malware to eventually steal sensitive information.
Another device is the UTOK Q55, which is infected with Potentially Unwanted Program (PUP) monitoring apps that collect and report sensitive information from the device.
“This particular Monitor app is hardcoded in the highly-important Settings app. In effect, the app used to uninstall other apps would need to be uninstalled itself to remediate—pure irony.”
According to Malwarebytes, currently the best method to deal with these infections is to: