Google admits some Android phones shipped with malware
Google LLC Friday admitted that some Android phones going back as far as 2016 were shipped with malware installed unknowingly by smartphone manufacturers.
The malware used is called “Triada,” a trojan virus that provides hackers with backdoor access to an infected device. The code is primarily found on smartphones manufactured in China.
Google first detected Triada three years ago and moved to protect against it using Play Protect, but the trojan evolved over time, becoming harder to detect. A version first detected 2017 included a backdoor log function that downloaded and installed modules in a place within Android that wasn’t noticed by many smartphone manufacturers at the initial stage.
Malware on smartphones is not new and this isn’t the first time malicious software has been installed on smartphones at the manufacturing level. What’s interesting here is how those behind the code managed to trick manufacturers into installing it.
Instead of hacking smartphone makers or breaking into plants, those behind the code pretended to be legitimate third-party suppliers of software that could be added to a standard Android Open Source Project installation, the free version of Android that doesn’t require licensing, such as a face unlock program. Neither was this a case of a shady-looking man in a trenchcoat offering under-the-counter enhanced Android functionality, with those behind the code pretending to be legitimate companies.
“Based on analysis, we believe that a vendor using the name Yehuo or Blazefire infected the returned system image with Triada,” Lukasz Siewierski from the Android security and privacy team wrote in a blog post.
Which smartphone makers were targeted and which models were infected have not been officially disclosed. But a report from Bleeping Computer in March found Triada infections on phones made by Leagoo, Doogee, Vertex, Advan, Cherry Mobile and others.
“We coordinated with the affected OEMs to provide system updates and remove traces of Triada,” Siewierski added. “We also scan for Triada and similar threats on all Android devices. OEMs should ensure that all third-party code is reviewed and can be tracked to its source.”
Photo: Pixabay
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU