Just In
- 1 hr ago Apple Confirms Special Event for May 7: iPad Air, iPad Pro 2024 Models Expected
- 10 hrs ago Xiaomi Robot Vacuum Cleaner S10, Handheld Garment Steamer, and Redmi Buds 5A Launched in India
- 11 hrs ago Lenovo Unveils IdeaPad Pro 5i Laptop With Intel Core Ultra 9 Processor – Check Price, Specs
- 11 hrs ago Lava ProWatch Zn, ProWatch Vn Smartwatches Launched in India: Check Price, Specs, Availability
Don't Miss
- Sports Today's IPL 2024 Match Prediction, DC vs GT: Who Will Win Delhi Capitals vs Gujarat Titans Match 40?
- Finance 6,693% Returns: Below Rs 75, Pharma Penny Stock Ex-Dividend For Rs 40/Sh Payout After 9 Years; Do You Own?
- News Senator Lambie Calls For Elon Musk's Imprisonment Over Wakeley Church Stabbing Posts
- Movies Mirzapur 3 OTT Release Date, Platform: When Will Mirzapur Season 3 Premiere On Amazon Prime Video?
- Education Telangana Inter Manabadi 1st and 2nd Year Results 2024 to be Declared Tomorrow
- Automobiles Chrysler Pacifica Marks Seven Years As Most Awarded Minivan With New Campaign
- Lifestyle Anant Ambani-Radhika Merchant's Wedding Function Details Are Out, Check out Ambani Bahu-To-Be's Chic Fashion!
- Travel Kurnool's Hidden Gems: A Guide To Exploring India's Lesser-Known Treasures
Thousands of Android devices shipped with pre-installed malware: Avast
The majority of these devices are not certified by Google and adware goes by the name “Cosiloon” which creates an overlay to display an ad over a webpage within the user’s browser.
According to a new study by global cyber-security company Avast, several of Android devices, including those from manufacturers like ZTE, Archos, and myPhone, are being shipped with pre-installed malware.
The majority of these devices are not certified by Google and adware goes by the name "Cosiloon" which creates an overlay to display an ad over a webpage within the user's browser.
"Thousands of users are affected, and in the past month alone, in fact, Avast Threat Labs has seen the latest version of the adware on around 18,000 devices belonging to its users located in more than 100 countries including Russia, Italy, Germany, India, Mexico, the UK, as well as some users in the US," the company said in a statement.
"Malicious apps can, unfortunately, be installed on firmware level before they are shipped to customers, probably without the manufacturer's knowledge," said Nikolaos Chrysaidos, Head of Mobile Threat Intelligence & Security at Avast.
Chrysaidos said: "If an app is installed on the firmware level, it is very difficult to remove, making cross-industry collaborations between security vendors, Google, and OEMs imperative. Together, we can ensure a safer mobile ecosystem for Android users."
The adware which was previously described by Dr. Web has been active for at least three years and is difficult to remove as it is installed at the firmware level and uses strong obfuscation.
However, the company said that it is not clear how the adware got onto the devices. The malware authors kept updating the control server with new payloads and manufacturers also continued to ship new devices with the pre-installed dropper.
Some antivirus apps report the payloads, but the dropper will install them right back again and the dropper itself can't be removed, so the device will forever have a method allowing an unknown party to install any application they want on it, report further said.
The Avast Threat Labs also observed the dropper install adware on the devices, however, it could easily also download spyware, ransomware or any other type of threat.
It said that users can find the dropper in their settings, and can click the "disable" button on the app's page, if available. This will deactivate the dropper and once Avast removes the payload, it will not return again.
In the last few years, the Avast Threat Labs have observed from time to time some strange Android samples in their database.
The samples appeared to be like any other adware sample, with the exception that the adware appeared to have no point of infection and several similar package names, the most common being:
· com.google.eMediaService
· com.google.eMusic1Service
· com.google.ePlay3Service
· com.google.eVideo2Service
-
99,999
-
1,29,999
-
69,999
-
41,999
-
64,999
-
99,999
-
29,999
-
63,999
-
39,999
-
1,56,900
-
79,900
-
1,39,900
-
1,29,900
-
65,900
-
1,56,900
-
1,30,990
-
76,990
-
16,499
-
30,700
-
12,999
-
14,999
-
26,634
-
18,800
-
62,425
-
1,15,909
-
93,635
-
75,804
-
9,999
-
11,999
-
3,999