Google Confirms Several Android Devices Shipped With a Malware

Google Confirms Several Android Devices Shipped With a Malware

Google tackles yet another vulnerability dubbed as Triada, a
malware in the form of a code that affected some Android devices even before
they shipped.
The malware is such cunningly structured by the hackers,
that it displays ads and spam on a cell phone, on endless Android smartphones
and stays undetected for long.
Google, in a rather detailed blog post, clarifies
“Triada infects device system images through a third-party during the
production process. Sometimes OEMs want to include features that aren’t part of
the Android Open Source Project, such as face unlock. The OEM might partner
with a third-party that can develop the desired feature and send the whole
system image to that vendor for development…Based on analysis; we believe
that a vendor using the name Yehuo or Blazefire infected the returned system
image with Triada.”
The activities of Triada were first discovered by Kaspersky
Labs through the two posts which had stayed profound into the workings of the malware,
first was back in March 2016 and the other in a consequent post in June 2016.
What makes this Trojan progressively perilous is simply the
way that it hides itself from the list of applications running and installed on
the Android smartphone, making it unimaginable for the anti-virus applications
and anti-malware applications to identify it, then again it makes it hard for
the framework to distinguish if a peculiar or an undesirable procedure is
running in the background.
Triada is additionally known to modify the Android’s Zygote
process too.
Google, upon finding out about the functions and workings of
Triada in 2016, had immediately removed the malware from all devices utilizing Google
Play Protect. In any case, the malevolent actors amped up their endeavors and
discharged a much smarter version of the Trojan in 2017.
What’s more, since this more ‘smarter version’ was implanted
in the system libraries it could furtively download and run noxious modules.
The most concerning fact being that it can’t be erased utilizing the standard
techniques and methods.
As indicated by a well-known software suite Dr.Web, the
modified version of Traida is known to be found on several mobile devices,
including Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20.

Share this with Your friends:

Leave a Reply

Your email address will not be published. Required fields are marked *