Säkerhetsföretaget Checkpoint har hittat 38 mobiltelefoner, av olika modeller och från olika tillverkare som levererats till två kunder, infekterade med malware.
Kunderna, ett stort telekommunikationsföretag och ett multinationellt teknikföretag, har beställt nya telefoner och någonstans mellan fabriken och tills de har levererats så har telefonerna infekterats med spionprogram.
Researchers say they’ve identified two malware families on the infected phones. These are the Loki adware/infostealer and Slocker mobile ransomware.
On most phones, researchers say they’ve spotted the Loki malware, whoch is a very powerful malware family, capable of gaining root privileges and infecting even Zygote, one of the Android operating system core processes.
While Loki can do a lot of harm, in most cases, the malware is used as an infostealer to gather data from infected devices, but also as adware, showing ads on top of other apps.
On the other hand, Slocker infections were rarer, but if activated, this ransomware can lock devices using an AES encryption algorithm, and talk covertly to its C&C servers located on Tor servers.
0 kommentarer