
Trend Micro: Viruses are Already Present on Millions of Android Smartphones

Jul 14, 2023
Millions of Android smartphones infected

Millions of Android smartphones worldwide are infected with malware before they ever leave the factory, according to experts from the information security firm Trend Micro, who presented their findings at the Black Hat Asia conference.

The device assembly process puts Android TVs, smartwatches, smartphones, and other electronics at risk of malware insertion. OEMs, who are in charge of production, are able to introduce malware at any point, including while the software is being set up.

The Research

According to the analysts, this has been a concern for a long time and is becoming more harmful for both companies and regular consumers. They compare the early stage of infection to a tree absorbing liquid: malware injected at the root spreads throughout the entire device.

The situation has been exacerbated by a significant drop in firmware prices. Because of fierce rivalry among firmware sellers, many of them now give their products away for free, and that firmware comes pre-installed with unwanted plugins that are not readily apparent. Trend Micro discovered over 80 such plugins after analyzing hundreds of firmware images, although many of them were rarely used.

Android smartphones with inexpensive, malware-contaminated firmware present a serious risk because of plugins that have their own business models, are freely sold on the dark web, and are promoted on websites like Facebook, blogs, and YouTube.

With these plugins, smartphones can act as proxies, enabling criminals to eavesdrop on SMS communications, hijack accounts on social networks and instant messaging services, and make money through click fraud and adverts. Proxy plugins allow devices to be rented out for up to 5 minutes, giving access to keystrokes, location, IP address, and other data.

The Infected Devices

Telemetry reveals that there are millions of infected devices globally, with Southeast Asia and Eastern Europe having the highest densities. Although specific nations were not addressed, the presentation mentioned China in regard to the source of suspect firmware. Finding the precise point at which the infection enters the supply chain is difficult.

Malware has been identified on phones from at least ten different manufacturers, and forty additional businesses may possibly be compromised. Buying more costly models from better-known companies like Samsung or Google does not ensure total security, but those companies often take greater care of supply chain security. Nevertheless, attackers continue to profit greatly from the low-end Android environment.