Millions of Android phones already leave the factory infected with malware, researchers warn, according to The Register.
According to The Register, information security company Trend Micro in Singapore said that millions of Android smartphones, especially low-cost ones, contain malware before they are even sold. According to the company’s researchers, who spoke at the Black Hat Asia event, the problem extends to different parts of the world and also affects smart watches and TVs, for example.
During the manufacturing phase, the malware is embedded directly into the firmware of the device. The reason is that firmware has become so cheap that the makers of these software can no longer charge for them. So information-stealing side dishes are sourced, which are used to conduct shady business online.
Read more: Malware finds its way into top Android apps – downloaded over 100 million times
For example, the malware can view a user’s screen clicks and geographic location, as well as steal text messages and hijack a victim’s social media accounts. Stolen information is sold.
The problem is not new. For example, in 2017, another security company reported on the Triada malware, which was installed directly into the phone’s firmware.
Read more: Cheap Android phones were already loaded with malware at the factory: almost impossible to remove
The suspicion was that behind the malware was an insider involved in the phone manufacturing process or a participant in the development of the firmware.
Trend Micro researchers identified malware in phones from at least ten manufacturers, but the problem may be much more widespread. It remains unclear where these phones are sold everywhere and which manufacturers or models are affected by the problem.
As a general guideline, the buyer should prefer more expensive phones and well-known manufacturers like Google and Samsung. From the buyer’s point of view, the instructions are insufficient. Many people just can’t afford the top model, and availability varies for Google’s Pixel phones in Finland, for example. Officially, Google doesn’t bring them to Finland.
However, ordering the device yourself from overseas online stores increases your chances of getting a corrupted phone.