Beware! 36 Android Smartphone Models Sold in India Have Pre-Installed Malware – Here is How To Remove it


Hand holding mobile smart phone

In the past, a lot of Android smartphones have been affected with Spyware and mobile malware, and these were mostly post-production of the devices, once they were out in the market for the users.

However, in an interesting turn of events, Check Point Software Technologies has outed a report that identified around 36 Android-based smartphones that come pre-installed with malware. Yes, these smartphones were shipping with a malware inside it already!

According to the report, “The malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor and were added somewhere along the supply chain. Six of the malware instances were added by a malicious actor to the device’s ROM using system privileges, meaning they couldn’t be removed by the user and the device had to be re-flashed.”

What are these malware?

The research team at Check Point Software Technologies has found the malware in the Android smartphones that could cause the most problems for the users. Since these malwares are in the backend, the user usually doesn’t even get to know.

Most of the malware found to be pre-installed on the devices were info-stealers and rough ad networks, and one of them was Slocker, a mobile ransomware. Slocker uses the AES encryption algorithm to encrypt all files on the device and demand ransom in return for their decryption key.

The most notable malware is the Loki Malware. The malware displays illegitimate advertisements to generate revenue. As part of its operation, the malware steals data about the device and installs itself to the system, allowing it to take full control of the device and achieve persistency.

Here is a list of smartphones affected by it –

A lot of Samsung smartphones, namely Samsung Galaxy Note 2, Samsung Galaxy Note 3, Samsung Galaxy Note Edge, Samsung Galaxy S7, Samsung Galaxy S4, Samsung Galaxy Note 4, Samsung Galaxy Note 5, Samsung Galaxy Note 8.0, Samsung Galaxy A5, Samsung Galaxy Tab S2 and Samsung Galaxy Tab 2.

The other phones affected are Xiaomi Mi 4i, Xiaomi Redmi, ZTE x500, Oppo N3, Oppo R7 plus, Vivo X6 plus, Asus Zenfone 2, Lenovo S90, Lenovo A850 and LG G4. The smartphones have a risk of letting out user information in even the easiest ways.

Appendix 1 – List of malware APKs, Shas, and Affected devices

com.fone.player1 Galaxy Note 2 
d99f490802f767201e8d507def4360319ce12ddf46765ca1b1168d64041f20f Galaxy S7
Galaxy S4
com.kandian.hdtogoapp Galaxy Note 4 
Galaxy Note 8.0
b4e70118905659cd9b2c948ce59eba2c4431149d8eb8f043796806262d9a625b Galaxy Note 2 
Xiaomi Mi 4i
com.baycode.mop Galaxy A5 39c6bab80cc157bfe540bdee9ce2440b3b363e830bc7adaab9fc37075fb26fb1
com.kandian.hdtogoapp Galaxy S4 998ab3d91cbc4f1b02ea6095f833bfed9d4f610eea83c51c56ce9979a2469aea
com.iflytek.ringdiyclient ZTE x500 e9a30767e69dccb1b980eae42601dff857a394c7abdfe93a18e8739fa218d14b Galaxy A5 01b8cb51464b07775ff5f45207d26d8d9f4a3b6863c110b56076b446bda03a8a
com.changba Galaxy S4 
Galaxy Note 3 
Galaxy S4 
Galaxy Note Edge 
Galaxy Note 4
com.example.loader Galaxy Tab S2 e4e97090e9fd6cc3d321cee5799efd1806b5d8a9dea7c4872044057eb1c486ff Galaxy Tab 2 947574e790b1370e2a6b5f4738c8411c63bdca09a7455dd9297215bd161cd591 Oppo N3 
vivo X6 plus
com.mobogenie.daemon Galaxy S4 0038f450d7f1df75bf5890cf22299b0c99cc0bea8d66e6d25528cb01992a436b 5 Asus Zenfone 2 
com.skymobi.mopoplay.appstore LenovoS90 3032bb3d90eea6de2ba58ac7ceddead702cc3aeca7792b27508e540f0d1a60be
com.example.loader OppoR7 plus 1cb5a37bd866e92b993ecbbcc4a2478c717eeb93839049ef0953b0c6ba89434e
com.yongfu.wenjianjiaguanli Xiaomi Redmi e5656c1d96158ee7e1a94f08bca1213686a05266e37fb2efb5443b84250ea29d
air.fyzb3 Galaxy Note 4 c4eac5d13e58fb7d32a123105683a293f70456ffe43bb640a50fde22fe1334a2
com.ddev.downloader.v2 Galaxy Note 5 92ae2083a8495cc5b0a0a82f0bdeb53877170d2615ce93bd8081172af9e60f8f
com.mojang.minecraftpe Galaxy Note Edge fbe9c495f86a291a0abe67ad36712475ff0674d319334dbd7a2c3aa10ff0f429
com.androidhelper.sdk Lenovo A850 b0f6d2fc8176356124e502426d7aa7448490556ef68a2f31a78f4dd8af9d1750

How to Remove the Malware?

Till the time you get a chance to remove the malware, you must ensure security while accessing websites and apps. It is advisable to download anti-virus and anti-malware software from the Google Play Store to monitor your smartphone and its use.

To completely get rid of the malware, if any, you must visit the nearest service centre of the smartphone brand you’re using. The customer service personnel will reflash Android on your smartphone, so take any backup if you want.

It is quite unfair to customers who want to receive a smartphone that has no problems before shipping. A user-installed malware can still be blamed on the user, but this carelessness in companies should not be expected. These smartphone manufacturers should also call for a recall or a mobile health checkup to ensure users are protected.

Source: Check Point

Leave A Reply

Your email address will not be published.

who's online