Cheap Android Devices Ship With Pre-installed Malware Again

There is a new finding on cheap Android phones following the last post on May 2018, Cheap Android devices ship with pre-installed malware.

Upsteam has discovered new low-end Android smartphone devices being sold to consumers in developing markets such as Myanmar, Cambodia, Egypt, Brazil and South Africa, contain pre-installed unwanted software (apk name: com.rock.gota by GMobi company). This embedded app can commit digital ad fraud, collects users’ personal information, depletes their mobile data allowance and triggers fraudulent charges to their pre-paid credit, without their knowledge or consent. If you read the details on this app from Dr.Web Antivirus analysis, you should be shocked by what it can do in your phone. This is clearly exploitation (and considered unlawful) and it is probably why it does not target countries like the United States and the European region.

The issue is not whether the app is a malware; the issue is the ability of the app to do unwanted things on the phone without users' knowledge or consent.

As usual, our own Quick Check App will be updated to inform users if their phones contain this specific unwanted software. If your phone is found to have this app, there is probably nothing much you can do to remove it because it is embedded in the phone's firmware.

Quick check and scan for RottenSys, Trojan.AsiaHitGroup, Trojan.SMS.AsiaHitGroup, Adware.AsiaHitGroup, APT-C-23 , Cosiloon malware files in your Android Phones, Tablet, TV.
Quick Check for RottenSys, AsiaHitGroup, APT-C-23, etc.

Closer to Singapore, Product Director at Singapore-based Singtech, Andy Ng, clarified that his company stopped using GMobi’s services in 2017, though he said approximately 1 million of his company’s devices containing the app is likely remain on the market in Myanmar and Cambodia. GMobi said users are asked to consent to data collection by clicking an end-user license agreement when they first activate their phones. The probability of any user reading and understanding the license when they first turned on their phone is nearly zero (unscientific and totally biased opinion of us here).

Refer here for more information on protecting your phone.
Refer here for more information on Android App, Android Development and Security Advisory. 
Refer here for more information on why your data is interesting to others.

We will continue to monitor and update this "supply chain contamination" trend.

Support us by becoming our Patron!

-
Labels: , ,

2 comments:

  1. Anonymous8 July 2018 at 19:25

    Good sharing

    ReplyDelete
    Replies
    1. FD Staff8 July 2018 at 22:23

      Thanks, remember to come back often for more news and sharing.

      Delete

Subscribe to: Post Comments (Atom)