SoylentNews is people
SoylentNews
Submitted via IRC for SoyCow3941
Avast has found that many low-cost, non-Google-certifed Android phones shipped with a strain of malware built in that could send users to download apps they didn't intend to access. The malware, called called Cosiloon, overlays advertisements over the operating system in order to promote apps...
[...] The app consists of a dropper and a payload. "The dropper is a small application with no obfuscation, located on the /system partition of affected devices. The app is completely passive, only visible to the user in the list of system applications under 'settings.' We have seen the dropper with two different names, 'CrashService' and 'ImeMess,'" wrote Avast. The dropper then connects with a website to grab the payloads that the hackers wish to install on the phone. "The XML manifest contains information about what to download, which services to start and contains a whitelist programmed to potentially exclude specific countries and devices from infection. However, we've never seen the country whitelist used, and just a few devices were whitelisted in early versions. Currently, no countries or devices are whitelisted. The entire Cosiloon URL is hardcoded in the APK."
[...] Avast can detect and remove the payloads and they recommend following these instructions to disable the dropper. If the dropper spots antivirus software on your phone it will actually stop notifications but it will still recommend downloads as you browse in your default browser, a gateway to grabbing more (and worse) malware. Engadget notes that this vector is similar to the Lenovo “Superfish” exploit that shipped thousands of computers with malware built in.
Source: https://techcrunch.com/2018/05/24/some-low-cost-android-phones-shipped-with-malware-built-in/
(Score: 2) by bzipitidoo on Thursday May 31 2018, @01:57AM
* raises hand *
What smartphone comes with software that respects our freedoms? Let's see, uh, NONE! Until something like the libresmartphone is available, to get a truly liberated phone, have to root and/or jailbreak the phones and install one of the free alternative OSes, such as LineageOS (successor to CyanogenMod). Plus, the hardware must work off a SIM card, and not have subscriber and carrier info baked into some sort of ROM.
Which service provider, hardware vendor, and OS vendor has not abused the total control they reserved for themselves? None I've heard of. Even "don't be evil" Google does it. They have baked in all kinds of ways to pressure the users into spending more money and divulging more information to be used to target them with even more costly temptations. And they trot out the tired old excuse that such control is necessary to protect us from cyber criminals.