It is not uncommon for android smartphones to get infected with some type of malware at some point in time. What, however, is quite uncommon, is when malware comes pre-loaded with your brand new device out-of-the-box.
Lookout, a mobile security company, recently identified malware that there is no way to avoid, except for purchasing a different phone. The malware, which was named the DeathRing, is a Chinese Trojan that pretends to be a ringtone app. The malware is found on low-end Android phones around the globe, but mainly in some African countries and Asia (including Nigeria, Vietnam, Indonesia, India, Taiwan, and China).
The DeathRing malware has the ability to serve phishing messages and download content via internet to the victim’s phone, among other things. The second capability is what is rather concerning, as it has the ability to download more malware onto the device, which greatly extends its damage potential. The malware is activated by either restarting the phone 5 times, or by going in and out of stand-by mode (turning of the screen) 50 times.
Victims are also out of luck if they think that installing antivirus apps will help them in any way. Sadly, since the malware is pre-loaded within the device’s ROM/firmware, it cannot be removed. At least not until the smartphone is rooted, which is certainly something not many users feel comfortable doing (there is a chance your device might get “bricked.” There are a few things customers can do to stay safe:
- Make sure you know where your device comes from (read reviews prior to buying, make sure the manufacturer is known, and at least somewhat reputable)
- Install antivirus software – it might not be able to remove, but it can detect the malware. You can then go and return the device
- Check your phone bill for extra charges
The good news is, that most, if not all, devices affected are not well-known in the North America or Europe. They include:
- Counterfeit Samsung GS4/Note II
- Various TECNO devices
- Gionee Gpad G1
- Gionee GN708W
- Gionee GN800
- Polytron Rocket S2350
- Hi-Tech Amaze Tab
- Karbonn TA-FONE A34/A37
- Jiayu G4S – Galaxy S4 Clone
- Haier H7
- No manufacturer specified i9502+ Samsung Clone
About the author
A dangerous bitcoin stealing malware that swaps user accounts with that of the attacker was...Read more arrow_forward
Software giant Microsoft has labelled malicious cryptocurrency miners as an increasing threat as...Read more arrow_forward