Wed. Nov 13th, 2019

Researchers found that cheap Android devices were shipped pre-installed backdoors

2 min read

Low-cost devices and diversity are essential reasons why Android is so popular around the world, but low cost means that device manufacturers receive less revenue.

In this case, some manufacturers began to brainstorm how to expand revenue, unfortunately, they found that the bundled advertising program and the backdoor program is better.

For-profit motives, manufacturers pre-installed backdoors to help other application developers automatically push and download those applications from the cloud.

Android devices malware

 

For example, the newly discovered direct bundled virus:

The researchers found that an Android device produced by an unknown brand in foreign countries, the pre-installed recorder of the device firmware is a tamper-proof version carrying a virus.

The virus will boot from the start and always keep running in the background and collect data, including the device’s GPS location information as well as the device serial number and system version.

The primary purpose of collecting this information is to facilitate the promotion of certain ads according to different attributes, which are the applications that are automatically downloaded and promoted.

Has the implementation of shell and silent download function:

After careful analysis, the researchers found that the recorder contained a complete module and automatically downloaded the promotion application without the user’s consent by the cloud instructions.

At the same time, if necessary, the virus can also uninstall competitors’ applications according to the controller’s instructions, maximising the benefits of advertising bundling and promotion.

Even the virus can execute the shell command to manipulate the system directly, and finally, it can automatically open the advertisement webpage through the browser through the cloud command.

Even if the researchers give feedback to the manufacturer, no one will take care of it:

In the past few years, there have been many cases of cheap Android devices pre-installed backdoors, but even if the feedback is given to the manufacturers, it will not be handled by others.

The main reason is that most of them are bundled by the manufacturers themselves to make a profit, so the feedback to them always has an attitude that can be ignored.

This time is no exception, the researchers submitted the findings to the product manufacturer but did not receive any response or repair from the manufacturer in the past few weeks.

Via: bleepingcomputer