Wednesday, April 24, 2024

Trojan found Pre-installed On Cheap Android Smartphones

Security researchers from Dr.web found Trojan preinstalled on several mobile devices, along with Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20.

Android.Triada families use to embed in system libraries that used in launching applications on mobile devices. Android.Triada.231 that detected by Dr.web doesn’t try to root the phones and to escalate privileges as like other Trojan in the family.

Android.Triada.231 is embedded into libandroid_runtime.so which get control each time when the system makes records on the log. Zygote used in the process of launching Trojan for the first time.

Also Read Google Blocked a new Spyware Family Lipizzan

Trojan once executed use to create a working directory launch it’s parameters and check for the environment it is running. If it is Dalvik environment(discontinued by Google) trojan use to launch attacks immediately after they start.┬áDr.web published a detailed report.

The major role of Android.Triada.231 is to run silently and to download additional modules. As the Trojans are included within system libraries it is not possible to delete using standard methods.

Moreover, Android.Triada.231 can extract the module Android.Triada.194.origin from libandroid_runtime.so, which is stored in the library in the encrypted form. Its main function is downloading additional malicious components from the Internet, as well as ensuring their interaction with each other. Says Dr.Web

The best method to get rid of the Trojan infection is to install the clean Android firmware.It is capable of penetrating various application modules, attackers can make use of trojan to download malicious plugins for stealing confidential information from bank applications, messengers etc.

Also Read CowerSnail Backdoor from the Developers of SambaCry

Website

Latest articles

Phishing Attacks Rise By 58% As The Attackers Leverage AI Tools

AI-powered generative tools have supercharged phishing threats, so even newbie attackers can effortlessly create...

Multiple MySQL2 Flaw Let Attackers Arbitrary Code Remotely

The widely used MySQL2 has been discovered to have three critical vulnerabilities: remote Code...

CoralRaider Hacker Evade Antivirus Detections Using Malicious LNK File

This campaign is observed to be targeting multiple countries, including the U.S., Nigeria, Germany,...

Spyroid RAT Attacking Android Users to Steal Confidential Data

A new type of Remote Access Trojan (RAT) named Spyroid has been identified.This...

Researchers Uncover that UK.GOV Websites Sending Data to Chinese Ad Vendor Analysts

Analysts from Silent Push, a data analytics firm, have uncovered several UK government websites...

Ransomware Victims Who Opt To Pay Ransom Hits Record Low

Law enforcement operations disrupted BlackCat and LockBit RaaS operations, including sanctions on LockBit members...

IBM Nearing Talks to Acquire Cloud-software Provider HashiCorp

IBM is reportedly close to finalizing negotiations to acquire HashiCorp, a prominent cloud infrastructure...

WAAP/WAF ROI Analysis

Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

Related Articles