- Pre-Installed Malware Found On 5 Million Popular Android Phones
New day new malware but this time malware targeted 5 Million Popular Android Phones. According to the latest report a new malware called RottenSys, the malware that disguised as a ‘System Wi-Fi service’ app came pre-installed on millions of brand new smartphones manufactured by Honor, Huawei, Xiaomi, OPPO, Vivo, Samsung and GIONEE—added somewhere along the supply chain. According to Check Point Mobile Security Team, who uncovered this campaign, RottenSys is an advanced piece of malware that doesn’t provide any secure Wi-Fi related service but takes almost all sensitive Android permissions to enable its malicious activities. The RottenSys malware began propagating in September 2016. By March 12, 2018, 4,964,460 devices were infected by RottenSys,” researchers said. Once RottenSys install it start downloading its malicious component. The massive malware campaign pushes an adware component to all infected devices that aggressively display advertisements on the device’s home screen, as pop-up windows or full-screen ads to generate fraudulent ad-revenues.
Cyber Security Tips: To check if your device is being infected with this malware, go to Android system settings→ App Manager, and then look for the following possible malware package names:
– android.yellowcalendarz (每日黄历)
– changmi.launcher (畅米桌面)
– android.services.securewifi (系统WIFI服务)
If any of above is in the list of your installed apps, simply uninstall it, avoid downloading any apps from untrusted source and check permissions while installing any apps.