If you are planning to purchase a low cost android device then think again. Recently security researchers from Russian antivirus vendor Dr web has discovered two types of downloader Trojans being incorporated in the firmware of android mobiles that operate on mediaTek platform marketed in Russia.
This malicious firmware collects data from the infected devices runs advertisements on applications and downloads unwanted APK files.
The Trojans, detected as Android.DownLoader.473.origin and Android.Sprovider.7 collects data from infected based on the instructions from command and control servers downloads other apps even update themselves and runs whenever the device is turned on.
The devices infected by malicious firmware include:
Lenovo A319, Lenovo A6000, MegaFon Login 4 LTE, Bravis NB85, Bravis NB105, Irbis TZ85, Irbis TX97, Irbis TZ43, Irbis tz56, Pixus Touch 7.85 3G, SUPRA M72KG, SUPRA M729G, SUPRA V2N10, Itell K3300, Digma Plane 9.7 3G, General Satellite GS700, Nomi C07000, Optima 10.1 3G TT1040MG, Marshal ME-711, 7 MID, Explay Imperium 8, Perfeo 9032_3G, Prestigio MultiPad Wize 3021 3G, Prestigio MultiPad PMT5001 3G, Ritmix RMD-1121, Oysters T72HM 3G, Irbis tz70, and Jeka JK103.
Trojan android Android.DownLoader.473.origin ,in addition downloads an advertisement programme called H5 Game centre.
H5 game centre app displays image on top of running apps and there is no way you can unstall the app ,as the Trojan is capable of reinstalling it again.
Android.Sprovider.7 is found in Lenovo A319 and Lenovo A 6000 smartphones. In addition to its normal functions,it is even capable of making phone calls to certain numbers using standard system application.
Source:hackernews
Source:hackernews
No comments:
Post a Comment