Hundreds of brand new Android phones are being sold already preloaded with malware, it has been claimed.
Avast Threat Labs said it has found adware pre-installed on several hundred different Android device models and versions, including devices from manufacturers like ZTE, Archos, and myPhone.
The malware displays ads, and is also believed to send user data to servers.
Avast Threat Labs said it has found adware pre-installed on several hundred different Android devices, including those from manufacturers like ZTE, Archos, and myPhone. The malware displays ads, and is also believed to send user data to servers.
‘The adware we analyzed has previously been described by Dr. Web and goes by the name ‘Cosiloon,’ the firm said.
The adware has been active for over three years, and creates an overlay to display an ad over a webpage within the users’ browser.
It is particularly difficult to remove as it is installed on the firmware level.
‘Thousands of users are affected, and in the past month alone we have seen the latest version of the adware on around 18,000 devices belonging to Avast users located in more than 100 countries including Russia, Italy, Germany, the UK, as well as some users in the U.S.,’ Avast said in a blog post.
It has made Google aware of the issue, but as the apps come pre-installed with the firmware, the problem is difficult to address.
Google ‘has taken steps to mitigate the malicious capabilities of many app variants on several device models, using internally developed techniques,’ according to Avas.
Several hundred different devices are believed to be affected and includes devices from brands like Archos, ZTE, myPhone, and Prestigio.
A full list can be found here.
The list is so extensive because the malware was part of a chipset platform package which is reused for many similar devices with different brand names.
Google, Facebook, and Baidu ad frameworks were present in the payload, and in Avast’s tests, the researchers were ‘offered downloads of questionable games from the Baidu network.’