• Supply Chain Malware Found on Android Phones and Tablets



    I really hate it when I have to use this image, but here we are once again.

    Last Friday security firm Check Point published a blog post detailing malware found in products from "a multinational technology company" and "a large telecommunications company". I can only surmise that the latter is a carrier; the former would seem to suggest an online retailer, but the products from Lenovo, Oppo, Vivo and Xiaomi makes me think that it's not Best Buy.

    What's unique about this particular infections is that they were added in the supply chain—that is, somewhere between the manufacturer and end user. Here's the list of infected devices, with the offending APKs in italics:

    Asus Zenfone 2 / Lenovo S90
    com.google.googlesearch

    Lenovo A850
    com.androidhelper.sdk

    Lenovo S90
    com.skymobi.mopoplay.appstore

    Oppo N3 / Vivo X6 plus
    com.android.ys.services

    Oppo R7 Plus
    com.example.loader

    Samsung Galaxy A5
    com.android.deketv

    Samsung Galaxy A5
    com.baycode.mop

    Samsung Galaxy Note 2 / LG G4
    com.fone.player1

    Samsung Galaxy Note 2 / Xiaomi Mi 4i
    com.sds.android.ttpod

    Samsung Galaxy Note 3 / Galaxy Note 4 / Galaxy Note Edge / Galaxy S4
    com.changba

    Samsung Galaxy Note 4
    air.fyzb3

    Samsung Galaxy Note 4 / Galaxy Note 8.0
    com.kandian.hdtogoapp

    Samsung Galaxy Note 5
    com.ddev.downloader.v2

    Samsung Galaxy Note Edge
    com.mojang.minecraftpe

    Samsung Galaxy S4
    com.kandian.hdtogoapp

    Samsung Galaxy S4 / Galaxy S7
    com.lu.compass

    Samsung Galaxy S4
    com.mobogenie.daemon

    Samsung Galaxy Tab 2
    com.armorforandroid.security

    Samsung Galaxy Tab S2
    com.example.loader

    Xiaomi Redmi
    com.yongfu.wenjianjiaguanli

    ZTE x500
    com.iflytek.ringdiyclient

    Hopefully no one reading this is affected by any of the malware listed above. If you want to make sure your device is safe, Check Point, Lookout and Malwarebytes are three malware scanners recommended by Ars Technica.

    Sources: Check Point via Ars Technica

    ---------
    This article was originally published in forum thread: Supply Chain Malware Found on Android Phones and Tablets started by acurrie View original post
    Comments 2 Comments
    1. Ipse's Avatar
      Ipse -
      Lenovo f... d up before with malware embedded in computer BIOS. So no surprise from them. I guess I expected some cr@p from the others too.
      The price of a cheap phone.
    1. SoNic67's Avatar
      SoNic67 -
      Lots of Samsung devices...