The XLS attachment of the email, which also arrived in Italy, randomly contacts a link from an internal list and downloads the DLL, starting the malware infection.
Check Point: At least 5 million Android devices, especially smartphones, are infected with malware called RottenSys, already installed on the assembly line
Nearly 5 million Android devices, especially smartphones and tablets, are infected with a pre-installed malware called RottenSys. It is adware: software that collects information on the operations performed by the user and periodically displays unsolicited advertising messages. Check Point cyber security researchers discovered it. The malicious code, camouflaged as “System Wi-Fi service”, is already on mobile devices fresh out of the factory, and not only those of budget brands but also those of prominent ones. It appears to have been loaded at the assembly line level, after another one, distributed by a third-party supplier in China, was recently discovered. Formally, RottenSys helps users manage WiFi connections. In reality, it asks for sensitive permissions such as reading the calendar and silent downloads, which start without requiring any interaction from the victim. It also uses two evasion techniques to avoid detection.
RottenSys currently behaves like adware, but can be turned into a botnet with extended capabilities
RottenSys is a very aggressive malware, so much so that it shows pop-up windows and full-screen advertising even on the home screen of infected smartphones and Android devices. According to Check Point, in the last 10 days alone the adware showed unsolicited advertisements 13,259,756 times, of which 548,822 translated into clicks. This earned the cyber criminals who installed it profits of over $115,000. However, the situation for the victims could soon worsen. On top of the annoyance of aggressive ads, the infected mobile device could become part of a botnet. This will have extended capabilities, including the silent installation of apps, and will allow cyber criminals to take control of millions of devices.