Are you thinking of buying a new smartphone, or have you found a good deal on a model that is in fashion? Then you may want to keep reading, since at least 36 models of Android smartphones from companies such as Samsung, LG, Xiaomi, Asus, Nexus, Oppo and Lenovo are affected by malware preloaded at source.
We are not talking about a general danger, and we do not want to spread alarm.
In particular, two pieces of malware were found on the devices, and they go by the names Loki and SLocker. The two unwanted guests emerged after a thorough scan by researchers at the company Check Point.
According to a post published Friday on the Check Point researchers' blog, these malicious applications were not part of the official ROM firmware provided by the smartphone manufacturers, but were installed later along the supply chain, before the phones reached the end user.
In particular, the Loki malware dates back to February 2016, and once a device has been infected it is able to modify system processes by obtaining very powerful root privileges. The trojan also includes spyware-like features that can steal information such as the list of currently installed applications, browser history, contact list, call history, and location data.
SLocker, instead, is mobile ransomware that locks the devices on which it resides for extortion purposes, communicating through the Tor network in order to hide the identity of its operators. I'm not an expert in computer viruses, but I certainly do not like finding these little demons in our beloved devices.
Below is the list of smartphones and the malicious APKs found on them:
Smartphone | APK Malware |
Asus Zenfone 2 | com.google.googlesearch |
Google Nexus 5 | com.changba |
Google Nexus 5 | com.mobogenie.daemon |
Google Nexus 5X | com.changba |
Lenovo A850 | com.androidhelper.sdk |
Lenovo S90 | com.google.googlesearch |
Lenovo S90 | com.skymobi.mopoplay.appstore |
LG G4 | com.fone.player1 |
O | com.android.ys.services |
Oppo R7 Plus | com.example.loader |
Samsung Galaxy A5 | com.baycode.mop |
Samsung Galaxy A5 | com.android.deketv |
Samsung Galaxy Note 2 | com.fone.player0 |
Samsung Galaxy Note 2 | com.sds.android.ttpod |
Samsung Galaxy Note 3 | com.changba |
Samsung Galaxy Note 4 | com.kandian.hdtogoapp |
Samsung Galaxy Note 4 | com.changba |
Samsung Galaxy Note 4 | air.fyzb3 |
Samsung Galaxy Note 5 | com.ddev.downloader.v2 |
Samsung Galaxy Note 8 | com.kandian.hdtogoapp |
Samsung Galaxy Note Edge | com.changba |
Samsung Galaxy Note Edge | com.mojang.minecraftpe |
Samsung Galaxy S4 | com.lu.compass |
Samsung Galaxy S4 | com.kandian.hdtogoapp |
Samsung Galaxy S4 | com.changba |
Samsung Galaxy S4 | com.changba |
Samsung Galaxy S4 | com.mobogenie.daemon |
Samsung Galaxy S7 | com.lu.compass |
Samsung Galaxy Tab 2 | com.armorforandroid.security |
Samsung Galaxy Tab S2 | com.example.loader |
Vivo X6 Plus | com.android.ys.services |
Xiaomi Mi 4I | com.sds.android.ttpod |
Xiaomi Redmi | com.yongfu.wenjianjiaguanli |
ZTE X500 | com.iflytek.ringdiyclient |
Finally, this malware creates a backdoor that gives the attacker unlimited access to infected devices, allowing data downloads, the installation and activation of additional malicious Android applications, the deletion of user data, the disabling of system applications and the placing of calls to "premium" numbers, that is, numbers with extraordinarily high rates.
All this opens our eyes to how much meticulous attention we need to pay to our devices nowadays: not clicking on malicious links, not downloading scam applications, and above all always relying on trusted stores, such as Gearbest.com or Honorbuy.it to name a few.
Is There A Way To Remove Malware Infections?
Since the malware is located inside the ROM with system privileges, it is difficult to get rid of, but not impossible. You must root your device and then uninstall the malicious applications (see list above), or you will need to completely reinstall the device's firmware by flashing the ROM (in my opinion the much safer method).
Perhaps some readers will not be able to perform either of the two procedures listed above, so the advice is to get help from qualified technicians, or at least from a friend who is more tech-savvy than you.
But if you're here, you're probably a bit of a tinkerer yourself... This is not the first time that Android devices, even top-of-the-range ones, have come with such ugly surprises bundled with their operating system. Has it ever happened to you? Let us know your experiences in the comments box below.
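Before rooting or flashing, the package list of a connected phone can be compared with the table above. The script below is an added example, not code from the article or from Check Point: it reads the output of `adb shell pm list packages -f` and reports which listed packages are present and whether their APK sits in the ROM or on the user partition. The file name `scan.sh`, the sample listing and the ROM/DATA classification rule are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the article): flag packages named in the table above
# in the output of `adb shell pm list packages -f`.
# Each input line looks like:  package:<apk path>=<package name>

# Package names copied from the article's table, duplicates removed.
WATCHLIST="com.google.googlesearch com.changba com.mobogenie.daemon \
com.androidhelper.sdk com.skymobi.mopoplay.appstore com.fone.player1 \
com.android.ys.services com.example.loader com.baycode.mop \
com.android.deketv com.fone.player0 com.sds.android.ttpod \
com.kandian.hdtogoapp air.fyzb3 com.ddev.downloader.v2 \
com.mojang.minecraftpe com.lu.compass com.armorforandroid.security \
com.yongfu.wenjianjiaguanli com.iflytek.ringdiyclient"

# Reads a package listing on stdin; prints "<ROM|DATA> <package> <apk path>" per hit.
scan_packages() {
    tr -d '\r' | while IFS= read -r line; do      # adb output may use CRLF
        case $line in package:*=*) ;; *) continue ;; esac
        entry=${line#package:}
        name=${entry##*=}    # after the LAST '=': newer APK paths contain '='
        path=${entry%=*}
        # Exact match only: com.lu.compass.pro must not match com.lu.compass.
        case " $WATCHLIST " in *" $name "*) ;; *) continue ;; esac
        # Assumption for this example: /data is the writable user partition,
        # any other path is part of the read-only system image (the ROM).
        case $path in /data/*) where=DATA ;; *) where=ROM ;; esac
        printf '%s %s %s\n' "$where" "$name" "$path"
    done
}

# Constructed sample listing (not taken from a real device).
sample_listing() {
    cat <<'EOF'
package:/system/app/Loader/Loader.apk=com.example.loader
package:/data/app/~~Qx1a==/com.changba-9fZ==/base.apk=com.changba
package:/system/priv-app/Settings/Settings.apk=com.android.settings
package:/data/app/com.lu.compass.pro-1/base.apk=com.lu.compass.pro
EOF
}

# Real device:  adb shell pm list packages -f | scan_packages
# Offline demo: sh scan.sh --demo   (scan.sh is a hypothetical file name)
if [ "${1:-}" = "--demo" ]; then sample_listing | scan_packages; fi
```

A hit is a package-name match only: names such as com.mojang.minecraftpe are also used by the genuine app, so a hit is something to verify rather than proof of infection. A ROM hit is the case the paragraph above describes, where removal needs root or a firmware reflash.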
Is there a way to scan the phone to make sure everything is OK?
Which model of Xiaomi Redmi?
There is none of that on my Xiaomi, fortunately. Technically, therefore, at the first update or flash of a new ROM the virus "should" be eliminated, given that the updates with the OS come directly from Xiaomi and shouldn't pass through third parties?