Trend Micro researchers have discovered that millions of Android phones already contain malicious firmware from the factory. This was revealed during Black Hat Asia in Singapore, as reported by The Register. It mainly affects very cheap phones, as well as smartwatches, televisions and other Android devices.
Trend Micro notes that this is a growing problem. Criminal organizations are said to be infecting the devices via firmware. Many manufacturers outsource the installation of this to third parties, allowing criminals to work unnoticed. The infected firmware allows the devices to be used as proxies for stealing and reselling text messages, social media and messenger accounts, among other things.
The highest concentration of infected devices is in Southeast Asia and Eastern Europe, although Trend Micro emphasizes that this should be a global concern, involving millions of devices. Senior Trend Micro researcher Fyodor Yarochkin stresses the importance of knowing who is supplying. “Even though we may know who is building the infrastructure for these things, it’s hard to pinpoint exactly how the infection gets to a phone. We are not sure when the malware is in the supply chain.”
Cybercriminals are developing Android malware with system privileges, a worrying trend that should be taken seriously.
