Low-end Android Phones Come With Pre-loaded Malware

Ordinarily, when you think of Android malware, you usually think it spreads via manipulative apps on the Play Store. Turns out, a lot of malware doesn’t even need to go that far.

According to a report by Avast Threat Labs, a lot of budget smartphones come with malware pre-loaded within their software. As you’d expect, most of these phones lie in the low-end of the spectrum, and the amount of bloatware means that harmful software finds it easier to hide.

What it Does

Called “Cosiloon”, it is said to affect users in 90 countries. These phones suffer from frequent pop-ups and unnecessary advertisements, which are difficult to get rid of as they’re written within system applications.

Without the intervention of a user, it can receive commands and start services remotely, which lead to the arrival of ads. The malware also has the ability to hide its activities from anti-virus applications. A different variant of the malware is encoded even deeper, and has the ability to share private data such as your IMEI, phone number and credit card number.

Google Play Protect to The Rescue?

The company is working with Google to make sure its Play Protect service intervenes whenever it detects the malware is downloading commands from remote servers. Avast also managed to remotely disable a server after repeated requests, however, the malware found a different avenue to target its attacks from instantly.


ALSO READ

Android Phone Makers Caught Lying About Monthly Security Updates


Companies which are guilty of using this sort of trickery include ZTE, Archos and myPhone, which are all notable names in certain regions of the globe. Previously, Lenovo was accused of something similar, bringing adware on its laptops.

We don’t have a response from the companies as of yet.


  • Abu Zaid

    If a company is selling at cost of even lower, they have to make money somehow. I remember my first QMobile; it had Yahoo Messange, and Yahoo Finance servcies, which would consume lot of Memory and precious Space (you couldn’t install most apps on SD Card in those days). Ended up throwing it away, though I am sure if there was a Custom ROM, I could have used it for another 2 – 3 years as a Secondary Phone.

  • Adnan

    If Google nothing to do for Malware to protect the Google PlayStore to save the Andriod User date they lost Andriod User.

    Million of Apps in PlayStore without authentication of Google.

  • Harm

    You forgot infinix. See here: arstechnica dot com/information-technology/2016/11/powerful-backdoorrootkit-found-preinstalled-on-3-million-android-phones/

  • C

    When the product is free, or dirt cheap, you are the product. This has been the case with Facebook and this is the case here.