New Android devices sold with pre-installed malware
Posted on 05.03.2014
A wide range of smartphones and tablets manufactured by Samsung, Motorola, Asus and LG Electronics have apparently been compromised with malicious apps before being sold to unsuspecting clients.

The claim has been made by David Jevans, founder and CTO of Marble Security, who discovered the problem after a potential customer complained that the company's mobile security management platform detected Netflix apps on several of its employees' devices as malicious.

As it turned out, they were malicious, and were harvesting passwords and financial information and sending it to a server in Russia. The company claimed the apps were already installed on the devices when they bought them," Jevans told Jeremy Kirk.

This claim spurred him to inspect devices from its other customers, and he again found many instances of fake and malicious Netflix apps, many of which they believed were pre-installed before the devices were sold to their customers.

Among the compromised devices were popular Samsung Galaxy Note phones and tablets, Galaxy 3 and 4 phones, Asus tablets, LG's Nexus S phone, and several Motorola's Droid phones.

When contacted, Samsung confirmed that Samsung or US carrier partners don't install a Netflix app on the devices before selling them. The other companies are yet to comment on the findings.

Unfortunately, Jevans didn't share the identity of the companies that sold the affected devices to their customers, but chances are they are either unknowingly pre-installing the phones and tablets with an application bundle that was not checked for malware, or are selling on refurbished phones that already contain them.

But this discovery just goes to show how dangerous weaknesses in electronics supply chains are in this day and age, and that security checks are needed every step of the way.









Spotlight

Free security software identifies cloud vulnerabilities

Posted on 21 October 2104.  |  Designed for IT and security professionals, the service gives a view of the data exchanged with partner and cloud applications beyond the network firewall. Completely passive, it runs on non-production systems, and does not require firewall changes.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Oct 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //