Android WARNING: Google confirms THESE phones have dangerous malware pre-installed

Android fans are being warned about a number of phones which come with malware loaded on them straight out of the box.

Android is one of the most popular pieces of software in the world, with over two billion devices running the Google mobile OS each and every month.

But Android fans are no strangers to security alerts, with a number of recent widespread threats being circulated via apps found on the Goole Play Store.

Six Android apps that were downloaded a staggering 90million times from the Google Play Store were found to have been loaded with the PreAMo malware.

While another recent threat saw 50 malware-filled apps on the Google Play Store infect over 30million Android devices.

And now Android fans are being warned about another malware threat, but this time it’s not being spread via Google’s official app marketplace.

Google has confirmed a number of budget Android smartphones were found to have malware pre-installed on them.

As revealed in a post by HackRead, the Triada malware was believed to have been installed on these Android phones during the supply chain process.

The Triada malware is capable of stealing sensitive data from banking apps, intercepting chat messages from social media and spying on users.

In a blog post Google’s Lukasz Siewierski said: “The creators of Triada collected revenue from the ads displayed by the spam apps.

“The methods Triada used were complex and unusual for these types of apps. Triada apps started as rooting trojans, but as Google Play Protect strengthened defenses against rooting exploits, Triada apps were forced to adapt, progressing to a system image backdoor.

“However, thanks to OEM cooperation and our outreach efforts, OEMs prepared system images with security updates that removed the Triada infection.”

Prior to this Google blog post being published the Triada malware was found pre-installed in a series of budget smartphones by Dr Web.

The anti-malware firm found Triada loaded up onto over 40 Android devices.

These devices are as follows: Leagoo M5, Leagoo M5 Plus, Leagoo M5 Edge, Leagoo M8, Leagoo M8 Pro, Leagoo Z5C, Leagoo T1 Plus, Leagoo Z3C, Leagoo Z1C, Leagoo M9, ARK Benefit M8, Zopo Speed 7 Plus, UHANS A101, Doogee X5 Max, Doogee X5 Max Pro, Doogee Shoot 1, Doogee Shoot 2, Tecno W2, Homtom HT16, Umi London, Kiano Elegance 5.1, iLife Fivo Lite, Mito A39, Vertex Impress InTouch 4G, Vertex Impress Genius, myPhone Hammer Energy, Advan S5E NXT, Advan S4Z, Advan i5E, STF AERIAL PLUS, STF JOY PRO, Tesla SP6.2, Cubot Rainbow, EXTREME 7, Haier T51, Cherry Mobile Flare S5, Cherry Mobile Flare J2S, Cherry Mobile Flare P1, NOA H6, Pelitt T1 PLUS, Prestigio Grace M5 LTE, BQ 5510.

Siewierski said that the Triada malware mainly targeted Android versions 4.4.2 and older.

The Android Security and Privacy team member explained newer versions of the popular OS blocked the process by which the malware obtained root access to a device.

Siewierski added: “By working with the OEMs and supplying them with instructions for removing the threat from devices, we reduced the spread of preinstalled Triada variants and removed infections from the devices through the OTA updates.

“The Triada case is a good example of how Android malware authors are becoming more adept.

“This case also shows that it’s harder to infect Android devices, especially if the malware author requires privilege elevation.”

• Stay tuned to Express.co.uk for more Android news

Source: Read Full Article