
    Malware Detected On Chinese Smartphones

    The Federal Office for Information Security is currently warning of pre-installed malicious code in the firmware of Android smartphone models from China.

    According to a press release from the German Federal Office for Information Security (BSI, Bundesamt für Sicherheit in der Informationstechnik), officials from the agency specifically purchased the models in question at various online marketplaces in order to test them for malware that had already been detected in February of this year. The agency does not indicate on which devices it was detected at the time. The malware, which the security software manufacturer Sophos lists under a generic name, transmits device data and also has a function to reload and run other malware such as banking Trojans.

    Malicious Code Actively Works On Some Models

    The BSI has issued warnings for the Doogee BL7000 and the M-Horse Pure 1. It advises users to refrain from using both devices and, where available, to assert statutory warranty claims against the dealer.

    According to BSI data, connection attempts between over 20,000 different IP addresses and a malicious server are made every day. It must therefore be assumed that devices with this malware variant will become more widespread in the world. Experts have already informed network operators about infected devices in their respective networks by means of Bund reports. The providers were asked to notify their customers accordingly. The malware is “Andr/Xgen2-CY”, which sends various characteristic data of the device used to the command and control server. The malware also has a reload function that can be used to load other malware onto the devices and activate it. Since the malware is in the firmware, it cannot be removed manually or reliably deactivated.

    What Does The Malware Do?

    The malware collects device information and sends it to a server. It also reports the installation and uninstallation of apps. In addition, the malware can use network connections without being noticed. This enables remote control and installation of additional malware. Since there is currently no way to remove the malware, the smartphones should not be used until an update is available.
