It turns out that millions of Android TVs and phones are being plagued by preinstalled malware. Yikes! Low-cost Android devices seem to be bearing the brunt of this ongoing security nightmare.
Countries with Android devices affected
Even though the specific Android devices affected were not made clear, the number of infected devices are distributed globally as the threat actor controls devices in more than 180 countries. By tracking the indicators using Trend Micro™ Smart Protection Network™The top 10 countries affected are:
- US
- Mexico
- Indonesia
- Thailand
- Russia
- South Africa
- India
- Angola
- Philippines
- Argentina
Now, let’s talk about Android’s reputation when it comes to security. It’s a bit of a mixed bag, isn’t it? While the operating system itself and Google’s own Pixels have proven to be quite resilient against software exploits, there’s no denying the flood of malicious apps in the Google Play Store and the vulnerability of some third-party devices that have tarnished Android’s image.
The latest blow
Two reports have emerged, shedding light on the extent of the problem. The first report comes from the cybersecurity wizards at Trend Micro. These folks have been on the case, and their research reveals some shocking numbers. Up to 8.9 million phones from a whopping 50 different brands may have had the malware right out of the box.
The malware, is “Guerrilla” by the savvy researchers at security firm Sophos, was discovered hiding in 15 sneaky apps that somehow made their way into Google’s Play Store. Talk about slipping through the cracks! What does Guerrilla do, you ask? Well, it opens a sneaky backdoor that allows infected devices to regularly communicate with a remote command-and-control server. Why, you might wonder? To check for any fresh malicious updates waiting to for installatio. Crafty, huh?
Now, here’s where things get even worse. These malicious updates gather sensitive user data that the Lemon Group, the threat actor identified by Trend Micro, can then sell to advertisers. It’s a real invasion of privacy, folks! And if that wasn’t enough, Guerrilla goes the extra mile and sneakily installs aggressive ad platforms on these poor devices. Battery drain and a degraded user experience? No thanks!
Trend Micro researchers wrote:
“While we identified a number of businesses that Lemon Group does for big data, marketing, and advertising companies, the main business involves the utilization of big data: Analyzing massive amounts of data and the corresponding characteristics of manufacturers’ shipments, different advertising content obtained from different users at different times, and the hardware data with detailed software push. This allows Lemon Group to monitor customers that can be further infected with other apps to build on, such as focusing on only showing advertisements to app users from certain regions”
So, what’s the takeaway from all this? Well, it’s clear that the battle against preinstalled malware on Android devices is far from over. We need to stay vigilant and take precautions to protect ourselves. Make sure you’re downloading apps from trusted sources, keep your device’s software up to date, and consider investing in a reliable security solution to keep those sneaky malware gremlins at bay.
Stay safe out there and remember, be cautious and savvy when it comes to the apps you choose to install on your Android devices.
