In a shocking report, it has been revealed that over 40% of Android smartphones, especially the ones those are manufactured by Chinese companies are pre-installed with malware. It is said that these smartphones are shipped with pre-installed malware, which is injected into the firmware when they move out of the factory.
Dr. Web, a security company states that a new Trojan dubbed Android.Triada.231 was found in the firmware of many Android smartphones in mid-2017. In an in-depth research, it has been found that over 40% of the models might be affected due to the Trojan. The report further notes that a majority of the compromised models belong to the low-end price point and belong to Cubot, Umi, Doogee, and Leagoo brands. The new models such as the Leagoo M9 launched in December is also said to be compromised.
Dr. Web states that on contacting the affected companies about this issue, it found that the culprit was the partnership with a Shanghai-based software developing company as the Android OEMs had to pre-install one of its apps.
What's more shocking is that the security firm has revealed that the malware pre-installed on the Android phones can steal confidential information such as personal details and banking data. It is said that the Trojan can infect the process of Zygote, Android's important system component, which is used to launch all apps. Once the Trojan gets into this module, it can penetrate into other active apps. Eventually, the malware can get access to the user data involved in these apps.
It is said that the Android.Triada.231 is used by cybercriminals. They inject the Trojan into the libandroid_runtime.so system library so that the malicious app penetrates the firmware of the device during manufacture. As a result, the device comes infected out of the box.
The company further warns that the number of infected Android phones could be bigger but they have discovered 40% of the devices to be compromised for now. It is also said that the removal of the malware from these devices is not possible without the installation of a clean version of the OS from the manufacturer. Rooted devices can take the help of security applications to get rid of the malware.