“Cosiloon” Malware Discovered Pre-Installed On Some Android Devices

The Honor 7X is currently priced at Rs 12,999 (for 32GB variant) and Rs 15,999 (for 64GB), and was launched as a mid-ranger last November.
Huawei rolls out Android 8.0 Oreo update to the Honor 7X
05/28/2018
Sterilization Technology Market to Grow at a Steady Rate Over the Next Few Years: P&S Market Research
05/29/2018

“Cosiloon” Malware Discovered Pre-Installed On Some Android Devices

"Cosiloon" Malware Discovered Pre-Installed On Some Android Devices


Security researchers with Avast discovered that some Android smartphones have been shipping with malware pre-installed. The devices— from manufacturers such as ZTE, Archos, and Prestigio—come with a brand of ad-related malware dubbed “Cosiloon.”

The Cosiloon malware creates a pop-up on the phone’s screen in order to display ads when the user opens their phone’s built-in web browser. These ads often advertise other malicious apps—which, if clicked, download more malware onto the user’s device. Cosiloon is composed of two APKs, a dropper (which installs the malware), and the malware payload. Avast uncovered two types of droppers—”CrashService” and “ImeMess”—and more than 100 different payload variants. The payload masquerades as a system application to avoid being discovered by antivirus applications.

While Cosiloon has been around for several years, it is not particularly widespread. It affects less than 1,000 users, mostly on budget handsets not certified by Google, in 90 different countries. Avast’s antivirus app can now detect and disable the payload but not the dropper. Google Play Protect can disable the payload and dropper, but most of the devices affected don’t have Play Protect installed. Avast and Google are also working together to find a permanent fix to Cosiloon.

A complete list of affected devices is available here. You can also get a full rundown of the malware from Avast’s security researchers here.

Earlier this month, another piece of  Android malware (“ZooPark“) was discovered. This malware was used against targeted Middle Eastern Android phone users for surveillance. The malware takes over nearly all the phone’s functions in order to steal passwords, listen to phone calls, and download photos from memory cards. Other devices have been infected with cryptocurrency-mining malware.

While they’re not necessarily fool-proof, a good anti-malware app can help ensure malicious software like this doesn’t take hold on your own Android device.

H/T Inquirer.net

Christina Bonnington

Christina Bonnington

Christina Bonnington is a tech reporter who specializes in consumer gadgets, apps, and the trends shaping the technology industry. Her work has also appeared in Gizmodo, Wired, Refinery29, Slate, Bicycling, and Outside Magazine. She is based in the San Francisco Bay Area and has a background in electrical engineering.





Source link

Leave a Reply

Your email address will not be published. Required fields are marked *