How to know if there is pre-installed malware on your new smartphone

Smartphones, we all have them, almost all of us love having them. And more importantly, most of us love upgrading the ones we have right now. Getting your hands on the device with the bigger screen, the better camera and the faster processor is an exhilarating experience.

But before you get carried away by all the bells and whistles involved, you should know that your precious new device has much more than what meets your eye. If your new phone is an Android device, there is a good chance that something harmful to you, the consumer has been snuck in. A lot of news about gaps in the chain that allow destructive elements like these to sneak in has been making the rounds. A few of these have been listed below

The Consumer Electronics Supply Chain

Globalization has resulted in a worldwide market for almost everything from raw materials to finished product. The same applies to consumer electronics as well. China is a major producer of silicon which is an important component of a variety of consumer electronics. And this has resulted in the modern manufacturing supply chain being very complicated. Accurate traceability of everything that goes into the manufacturing of a phone is very difficult. This is a possible path through which possibly harmful malware could be snuck into your phone.

Manufacturing Android Smartphones

Because Android is open-source, Google cannot impose a lot of control on the manufacturers what they can do with the operating system. The business model that has allowed Android to achieve its market dominance is exactly what has plagued a lot of Android devices with fragmentation, non-existent updates, and unresponsive or spam-riddled launchers. Each manufacturer and carrier is allowed to custom design the hardware and software of each device. This is the reason that the market is plagued with such a large number of Android devices.

Unsafe system

Android has a very open natured software and despite Google’s steps to improve the platform’s security, there are a lot of opportunities for malicious attackers to do their thing because of poor practices and complicated supply chains of manufacturers.

RottenSys Malware

A Wi-Fi service that was available on Xiaomi Redmi was investigated by researchers at Check Point Research (CPR). They found out that it did not provide Wi-Fi services at all. It requested a long list of sensitive Android permissions that had nothing to do with Wi-Fi services.

One of the notable permissions that it asked for was DOWNLOAD_WITHOUT_NOTIFICATION. Malicious software was found to be downloaded from a Command & Control (C&C) server following a slight delay when the phone initially powered up. This malware, which is known as RottenSys, was able to use an open-source framework called MarsDaemon to hide from the operating system and keep its processes alive.

Shanghai AdUps Technology

Researchers at security firm Kryptowire found out in 2016 that malicious firmware that collected and send information to a Chinese server every 72 hours was seen on multiple Android devices sold in the US. By bypassing Android permissions, it was provided with access to all your data.

This included text messages, contact lists, call history with full telephone numbers, and unique device identifiers that included International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI). All this information was tracked to a Chinese firm called Shanghai AdUps Technology. Although the firm stated that this was an accident and took steps to remove the firmware, it was revealed a year later that they only hid most of the components.

Who do you trust?

There have been accusations made against Huawei after their involvement in security scandals, everyone needs to up their vigilance when it comes to picking a phone if privacy is something that you value.