Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Advertisement 

×

Message

EU e-Privacy Directive

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

View e-Privacy Directive Documents

You have declined cookies. This decision can be reversed.

Many Android Smartphones Preloaded With Malware, Warns Avast

Written by  May 28, 2018

Many affordable Android smartphones ship preloaded with malware out of the box, cyber security specialist Avast has warned.

The firm identified over several hundred phones from the likes ZTE, MediaTek, Archos and Blaupunkt, among others as being shipped with the Cosiloon adware, which is reportedly very difficult to remove.

This is not the first time that adware has been found on Android devices, however devices are unsually infected after installing compromised apps. This time last year for example Check Point warned of adware on 41 apps on Google Play, which had been developed by a Korean company.

Preinstalled adware

But now Avast in a blog post has warned that hundreds of cheap Android smartphones are shipped with the Cosiloon adware.

“When you get a brand new phone, you expect it to be clean from any malware and adware. Unfortunately, this is not always the case,” wrote Avast. “The Avast Threat Labs has found adware pre-installed on several hundred different Android device models and versions, including devices from manufacturers like ZTE and Archos. The majority of these devices are not certified by Google.”

Advertisement 
Daily Steals Up to 95% Off!

It said that the Cosiloon adware has previously been described by Dr. Web, and has been active for at least three years.

Essentially, the adware creates an overlay to display an ad over a webpage within the users’ browser.

Avast warned that Cosiloon “is difficult to remove as it is installed on the firmware level and uses strong obfuscation.”

“Thousands of users are affected, and in the past month alone we have seen the latest version of the adware on around 18,000 devices belonging to Avast users located in more than 100 countries including Russia, Italy, Germany, the UK, as well as some users in the US,” it wrote.

C&C takedown

“By far the most jarring fact is that Dr. Web reported on this in 2016… and yet nothing happened,” said Avast. “The control server was live until April 2018, and the authors kept updating it with new payloads.”

“We have attempted to disable Cosiloon’s C&C server by sending takedown requests to the domain registrar and server providers,” said Avast.

But it seems that the domain registar has not responded, so the C&C server is still active.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Latest

Cyber security double agents most common in UK

Aug 08, 2018 Cyber UK

Cyber security double agents most common in UK

Grey Hats, who work as both as cyber criminals and security professionals, are the most common in the UK, with one in 13...

Advertisement 

  1. Popular
  2. Trending
  3. Comments

Calendar

« August 2018 »
Mon Tue Wed Thu Fri Sat Sun
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    

Advertisement 

Advertisement