Ordinarily, when you think of Android malware, you usually think it spreads via manipulative apps on the Play Store. Turns out, a lot of malware doesn’t even need to go that far.
According to a report by Avast Threat Labs, a lot of budget smartphones come with malware pre-loaded within their software. As you’d expect, most of these phones lie in the low-end of the spectrum, and the amount of bloatware means that harmful software finds it easier to hide.
What it Does
Called “Cosiloon”, it is said to affect users in 90 countries. These phones suffer from frequent pop-ups and unnecessary advertisements, which are difficult to get rid of as they’re written within system applications.
Without the intervention of a user, it can receive commands and start services remotely, which lead to the arrival of ads. The malware also has the ability to hide its activities from anti-virus applications. A different variant of the malware is encoded even deeper, and has the ability to share private data such as your IMEI, phone number and credit card number.
Google Play Protect to The Rescue?
The company is working with Google to make sure its Play Protect service intervenes whenever it detects the malware is downloading commands from remote servers. Avast also managed to remotely disable a server after repeated requests, however, the malware found a different avenue to target its attacks from instantly.
Companies which are guilty of using this sort of trickery include ZTE, Archos and myPhone, which are all notable names in certain regions of the globe. Previously, Lenovo was accused of something similar, bringing adware on its laptops.
We don’t have a response from the companies as of yet.