Google confirms Android malware

HIGHLIGHTS:

Triada backdoors were preinstalled on a few Android devices, Google reveals

The malware was first identified three years ago, but it was later found to have evolved. Hackers began embedding it in the firmware of low-priced Android smartphones, mainly sold in China.

As the Russian cybersecurity vendor Kaspersky Lab first reported back in 2016, the malware, called Triada, was originally a Trojan that would acquire root privileges and show intrusive advertisements on a user's phone.

Google's malware researchers managed to remove it from all Android phones, but it became apparent in the summer of 2017 that Triada had evolved from a rooting Trojan into a pre-installed Android framework backdoor.

According to Russian anti-malware company Doctor Web, the new, more elusive and advanced iteration of the malware had been integrated into the source code of a system library on Android devices.

It also became more dangerous, capable of “smuggling” different Trojan modules into any app's processes; these modules could steal private information from banking applications or intercept social media communications.

Since the new Trojan was now installed deep in the system partition, removing it with dedicated applications became difficult, and the only way to get rid of it was to wipe the phone and install clean firmware.

But how did it get onto Android phones in the first place? Triada was pre-installed during the manufacturing phase, according to Lukasz Siewierski of the Android security and privacy team.

He presumed that a vendor named Yehuo or Blazefire, which supplied the original manufacturer with additional features, provided an infected Android application.

Which smartphone manufacturers and which models were affected is unclear from the blog post, but an earlier Bleeping Computer report said the malware was present in over 40 models, mainly low-cost smartphones sold in China and also in Poland, the Czech Republic, Indonesia, Mexico, Kazakhstan, and Serbia.

“We coordinated with the affected OEMs to provide system updates and remove traces of Triada,” Siewierski wrote. “We also scan for Triada and similar threats on all Android devices. OEMs should ensure that all third-party code is reviewed and can be tracked to its source.”

“The Triada case is a good example of how Android malware authors are becoming more adept. This case also shows that it’s harder to infect Android devices, especially if the malware author requires privilege elevation.”
