Cyber security news for all


    Detected Malicious Malware On Chinese Smartphones

    The Federal Office for Information Security is currently warning of pre-installed malicious code in the firmware of Android smartphone models from China.

    According to a press release from the German Federal Office for Information Security (BSI, Bundesamt für Sicherheit in der Informationstechnik), officials from the agency specifically purchased the models in question at various online marketplaces in order to test them for malware that had already been detected in February of this year. The release does not indicate on which devices this happened at the time. The malware, which the security software manufacturer Sophos lists under a generic name, transmits device data and also has a function to reload and run other malware such as banking Trojans.


    Malicious Code Actively Works On Some Models

    The BSI has issued warning messages for the Doogee BL7000 and the M-Horse Pure 1. It advises users to refrain from using both devices and, where available, to assert statutory warranty claims against the dealer.

    According to the agency's data, connection attempts involving over 20,000 different IP addresses are made with a malicious server every day. It must therefore be assumed that devices with this malware variant will become more widespread in the world. Experts have already informed network operators about infected devices in their respective networks by means of Bund reports. The providers were asked to notify their customers accordingly. The malware is "Andr/Xgen2-CY", which sends various characteristic data of the device used to the command and control server. The malware also has a reload function that can be used to load other malware onto the devices and activate it. Since the malware is in the firmware, it cannot be removed manually or reliably deactivated.

    What Does The Malware Do?

    The malware collects device information and sends it to a server. It also reports the installation and uninstallation of apps. In addition, the malware can use network connections without being noticed. This enables remote control and the installation of additional malware. Since there is currently no way to remove the malware, the smartphones should not be used until an update is available.
