Casa > cibernético Notícias > Pre-Installed Android.Triada.231 Trojan Shipped with Chinese Devices
CYBER NEWS

Pré-instalado Android.Triada.231 Trojan Enviado com Dispositivos chineses

Security researchers have stumbled upon pre-installed malware and spyware on devices many times. Infelizmente, there’s new malware of the pre-installed kind that was just discovered by security company Dr. Rede. o malware, which in fact is a Trojan horse called Android.Triada.231, comes pre-installed on Android devices and allows attackers to download and run more malware on users’ phones.

Story relacionado: Dispositivos Android dadas aos empregados com Malware pré-instalado

Android.Triada.231: Technical Details about the Pre-Installed Trojan

De acordo com pesquisadores, the malicious code is built into the firmware of specific Android phones.

Virus analytics from Dr.Web detected Android.Triada.231 that was built into the firmware of several mobile devices running Android. The Trojan is embedded into one of the system libraries and penetrates processes of all running applications. It can silently download and run additional modules.

Mais especificamente, Android.Triada.231 takes over the libandroid_runtime.so module. além do que, além do mais, the Trojan can inject files into Zygote, the core process of Android running at system boot. This means that the malware can load itself each time the device starts.

Who is affected by Android.Triada.231?

The Trojan was detected on several Chinese Android mobile phones such as Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20.

The worst thing about the pre-installed malware is that it can compromise any app on the device. Dito, it’s no wonder that the Trojan is used mainly for installing additional malware on Android systems. The authors of Android.Triada.231 can gain control over the targeted device via specifically chosen malware. Além disso, the malware can also help disable security products on Android.

Since Android.Triada.231 is embedded into one of the libraries of the operating system and located in the system section, it cannot be deleted using standard methods. The only safe and secure method to get rid of this Trojan is to install clean Android firmware, pesquisadores dizem.

Story relacionado: Pré-instalado Falhas Dell software poderia Mecanismos desativar a segurança

The only good news here is that the devices shipped with the pre-installed Trojan are not big on the market. The manufacturers have already been informed about the issue so that they can clean their firmware. It’s still unknown whether the manufacturer has done anything to countermeasure this infection.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...