More than 40 Android smartphones affected
In extensive tests, the IT forensic analysts behind the anti-virus software Dr. Web discovered malware on Android smartphones. So far the list of affected devices already contains more than 40 entries. It is quite possible that significantly more Android smartphones are affected.
The best-known "victim" is Leagoo. As many as ten smartphones from the manufacturer ship with the malware. Using the example of the Leagoo M9 (between 50 and 80 euros at retail), Dr. Web shows how the malware gets onto the device. The manufacturer itself receives the software from a third-party supplier, including instructions for installation. Evidently Leagoo performs no check of its own. It is unclear whether the affected manufacturers are in cahoots with the supplier of the contaminated firmware.
Other affected device manufacturers are ARK, Zopo, Uhans, Doogee, Tecno, Homtom, Umi, Kiano, iLife, Mito, Vertex, myPhone, Advan, STF, Tesla, Haier, Cherry Mobile, NOA, Pelitt, Prestigio, and BQ.
The malware is named Android.Triada.231. So far, there is no reliable knowledge about whether the malware is activated at the factory or what damage it can do. In any case, the malware embeds itself in Android's Zygote system process, which manages system resources for all other apps.
Malware has root privileges
To do this, the malware needs root privileges. Experts do not yet know how the malware obtains them.
Once activated, Triada.231 can manipulate running apps and download additional modules. These can theoretically perform any function. It is conceivable that the malware is used to spy on users, for example when they use banking apps.