https://bit.ly/44QatUq - 📱Research presented at Black Hat Asia by Trend Micro has revealed a startling trend: millions of Android devices come pre-infected with malware before they even leave the factories. This predominantly affects lower-cost Android mobile devices, but other tech such as smartwatches and TVs is also impacted. The problem is due to outsourcing to original equipment manufacturers (OEMs), which enables malware implantation within the supply chain. #CyberSecurity #MobileMalware

🏭This isn't a new issue, with similar instances dating back to 2017, but the problem is escalating. Malware plugins, such as proxy plugins, allow criminals to rent infected devices, potentially gaining access to sensitive data like keystrokes, geographical location, and IP addresses. All of this is made possible at the early stages of the device lifecycle, likened to a tree absorbing liquid from the root. #MalwareThreat #CyberCrime

💰Malware-infected devices became more prevalent as the price of mobile phone firmware dropped. Fierce competition led to firmware being distributed for free, often bundled with unwanted silent plugins. The most damaging plugins are those with a business model built around them, marketed openly on platforms like Facebook, YouTube, and blogs. #Firmware #InfoSec

🔍The objective of the malware is to steal or monetize information. Devices are turned into proxies used for data theft and click fraud. Users may unwittingly rent out their infected devices, allowing criminals to harvest data or use their phone as an exit node for a period of 1200 seconds. #DataTheft #CyberFraud

🌏Telemetry data estimates that millions of infected devices exist globally, predominantly in Southeast Asia and Eastern Europe. While the precise origin of these threats remains unspecified, China was mentioned several times during the presentation. It's important to note that most of the world's OEMs are based there. #GlobalThreat #CyberAttack

📲At least 10 vendors were found to harbor the malware, with potentially 40 more affected. Higher-end devices are less likely to be infected, suggesting that sticking to well-known brands may offer a degree of protection, though it is no guarantee. Companies like Samsung and Google have robust supply chain security, but for threat actors, the market remains lucrative.










