Experts warn that Chinese Android smartphones infected during manufacturing
Cheap smartphones infected by “Trojan Needleman”
Cheap Chinese smartphones for Android unsafe to use. To such conclusion experts on information security of Germany. A detailed analysis of these mobile devices revealed that most of them are already infected with viruses out of the box.
See also the story about how smartphones are watching us:
The cause of infection has become a dangerous backdoor that is embedded in the stage production of smartphones, which makes its removal very difficult task. The vulnerability is called Andr/Xgen2-CY discovered in the firmware of smartphones Doogee BL7000, M-Horse Pure 1, Keecoo P11, and also model VKworld Mix Plus, where the virus installed, but not activated. All of these mobile devices belong to the budget segment.
Remove immediately: named the most dangerous apps on Android
For the first time the virus Andr/Xgen2-CY was discovered in October 2018, experts Sophos Labs. At the time the malware was hiding in the application soundrecorder EXE, preinstalled on the smartphone Ulefone s8 Pro.
Andr/Xgen2-CY was designed as “not deleted Trojan”. The malware is activated when you first turn on your smartphone, after which it is impossible to disable or remove. Malware receives reports hackers to the following confidential information:
- The phone number
- Location information
- IMEI and Android ID
- Screen resolution
- Manufacturer, model, brand, Android version
- Network type
- MAC address
- The volume of permanent memory
- The size of the SD card
- Language and country
- Mobile operator
Antivirus for Android “do nothing” – study
In this case, through the remote server the hacker can give the virus a variety of commands for remote control of the smartphone:
- Download and install the app using the downloaded APK file
- To remove any installed application
- To execute a shell command
- To open the url in browser
Caution: fake Viber infect smartphones worldwide
Experts of the Federal office for information security argue that the virus is firmly fixed in the firmware, so independent user deletion is impossible – it would not even reset to factory settings. At the moment vulnerability affects more than 20 thousand smartphones worldwide. Manufacturer smartphone Keecoo P11 already released a patch for the destruction of “contagion” and the rest of the company ignored the problem.
We will remind that earlier Android a virus attacked, the discharge of the battery. And recently, Android users have downloaded a virus from Google Play under the guise of the game.
Read the most important and interesting news in our Telegram