The first information about the virus appeared in 2016.
The first information about the virus appeared in 2016. Then the researchers from Dr.Web reported that a group of criminals infiltrated the supply chain of several mobile operators and infect smartphones with malware. Dangerous application detected in 26 low-cost models.
Two years later, it became clear that the attackers have not stopped their activities. Moreover, hackers have increased influence, infecting at least 140 models of budget devices running the operating system from Google. The list of infected gadgets published experts Avast.
Experts compared the reports for the last two years and came to the conclusion that during this time the malware had not received any updates. It has root permissions and runs from the folder /system. Its main task is to connect to a remote server, download the XML file and installing one or more applications of this document. Since the virus is already in the firmware, it can easily install any application on the smartphone without any user interaction.
Nevertheless, the hackers used the malware only to serve ads in other apps or on top of the Android interface. This enables attackers get revenue from displaying commercial ads.
Experts still are unable to determine where hackers are working: of the infected device was detected in more than 90 countries around the world.
© 2018, z-news.link. All rights reserved.