Default Malware Spreads Across Android Devices

- Hidden malware plagues millions of Android devices worldwide.
- Intense competition leads to 80+ malicious plug-ins in firmware.
- Users should buy from reputable sources, update firmware, and use antivirus.
Millions of Android devices worldwide are being sold with pre-installed malware hidden in their firmware, according to researchers at Trend Micro. These devices include budget smartphones, smartwatches, and televisions, among others. The issue stems from the intense competition among firmware vendors, who are offering their services at extremely low or even no cost to device manufacturers.
As a result of this cutthroat competition, some firmware developers have resorted to integrating malicious features, including silent plug-ins, into the firmware. The researchers analyzed several firmware images and discovered around 80 different types of these malicious plug-ins. The most concerning ones are designed to steal user data, such as messages and social media account information. They can also display unwanted advertisements and redirect users to scam websites.
One particular type of plug-in identified is the proxy plug-in, which allows cybercriminals to rent a device for a short period each day. During this time, they can capture sensitive information like keystrokes, geolocation data, and IP addresses. Another plug-in was found to collect user activity data from the Facebook app.
The researchers estimate that there are millions of infected devices worldwide, with a concentration in Southeast Asia and Eastern Europe. Cybercriminals operating in this area claim to have around 8.9 million infected devices. While the researchers did not disclose the specific locations of these cybercriminals, there have been references to China in relation to this discovery.
At least 10 device vendors have been identified as selling devices with this type of malware, but there could be many more. Established brands like Samsung and Google generally perform security checks in their supply chain, providing some level of protection. However, manufacturers of low-cost devices often neglect these security measures, allowing the proliferation of malware.
It’s important for users to remain vigilant and take precautions when purchasing and using Android devices. Buying from reputable vendors and manufacturers known for prioritizing security can help mitigate the risk of acquiring a device with pre-installed malware. Additionally, regularly updating firmware and using reliable antivirus software can provide an extra layer of protection against such threats.