Home Security Android malware installed on mobiles before sale

Android malware installed on mobiles before sale

Thirty-eight Android mobile devices used by two businesses have been found to be infected with malware which was apparently installed at some point in the supply chain.

The multinational software provider Check Point Software Technologies said in a blog post that the presence of the malware was detected by a commercial malware scanner.

It said that in six cases, the malware was installed by an individual who had system privileges which meant that the malicious software could only be removed by flashing the device back to the factory default.

None of the malware was part of the official ROM supplied by the vendors.

Most of the malware installed were information stealing apps and rough ad networks. There was one case of a mobile ransomware app, Slocker.

"Slocker uses the AES encryption algorithm to encrypt all files on the device and demand ransom in return for their decryption key. Slocker uses Tor for its C&C communications," Check Point said.

Of the rough ad networks installed, the most notable one was Loki.

"This complex malware operates by using several different components; each has its own functionality and role in achieving the malware’s malicious goal," Check Point said.

"The malware displays illegitimate advertisements to generate revenue. As part of its operation, it steals data about the device and installs itself to system, allowing it to take full control of the device and achieve persistency."

The devices that were infected included:

  • Galaxy Note 2
  • LG G4
  • Galaxy S7
  • Galaxy S4
  • Galaxy Note 4
  • Galaxy Note 5
  • Galaxy Note 8
  • Xiaomi Mi 4i
  • Galaxy A5
  • ZTE x500
  • Galaxy Note 3
  • Galaxy Note Edge
  • Galaxy Tab S2
  • Galaxy Tab 2
  • Oppo N3
  • vivo X6 plus
  • Nexus 5
  • Nexus 5X
  • Asus Zenfone 2
  • LenovoS90
  • OppoR7 plus
  • Xiaomi Redmi
  • Lenovo A850

Check Point did not mention the names of the two businesses which had been affected.


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.