Tag Archive for: counterfeit

The danger of counterfeit mobile phones, with hidden Trojans and malware


The question is obvious: with perfectly capable mid-range and entry-level phones available, why would anyone want a fake? The reality is that in developing countries these phones are still sold, and they usually copy the external appearance of the most sought-after high-end models.

New examples of how dangerous they are

Today we are talking about this type of device again because a good number of handsets have been discovered that are infected with malicious software in the system partition, no less; in other words, a severe malware infection. They are a series of mobile phones that are mere counterfeits of better-known models, and the names give an idea of what we are talking about.

These models are known as P48pro, radmi note 8, Note30u and Mate40, names chosen precisely to confuse consumers: between the similar design and the similar name, they end up achieving their objective of deceiving the victims. These versions of popular smartphones are called counterfeits, and this example revealed by Doctor Web is one of the best illustrations of what we are describing.

Malicious and outdated software

Hackers are so obsessed with creating devices designed to infect victims that the software they carry is not merely old but antediluvian: the phones found with Trojans and malware inside their system partition run a version of Android that is more than a decade old, Android 4.4.2.


Specifically, these phones have been found with clear tampering in their operating system: two files, “/system/lib/libcutils.so” and “/system/lib/libmtd.so”, have been modified so that when any app uses one of these libraries, the Trojanization of the phone is triggered and the indiscriminate download of malicious software to the smartphone begins, which is the purpose for which this type of phone is created.

Additional backdoor

These researchers have also been able to discover that when WhatsApp or WhatsApp Business is executed, a new vulnerability, which is capable of opening a third…

Source…

Counterfeit Android Devices Revealed to Contain Backdoor Designed to Hack WhatsApp


A team of mobile security researchers has discovered backdoors in the system partition of some budget Android device models that are counterfeit versions of known brand-name models. 

The malware, which the Doctor Web team first discovered in July 2022, was found in at least four different smartphones: ‘P48pro’, ‘radmi note 8’, ‘Note30u’ and ‘Mate40’.

“These incidents are united by the fact that the attacked devices were copycats of famous brand-name models,” Doctor Web wrote. “Moreover, instead of having one of the latest OS versions installed on them with the corresponding information displayed in the device details (for example, Android 10), they had the long outdated 4.4.2 version.”

According to the security researchers, the trojans target arbitrary code execution in the WhatsApp and WhatsApp Business messaging apps and could potentially be used in different attack scenarios.

“Among them is the interception of chats and the theft of the confidential information that could be found in them; this malware can also execute spam campaigns and various scam schemes,” Doctor Web wrote.

From a technical standpoint, the security researchers said their antivirus detected changes in two different system objects.

“To download modules, [the malware] connects to one of several C&C (command-and-control) servers, sending a request with a certain array of technical data about the device. In response, the server sends a list of plugins that the trojan will download, decrypt and run,” Doctor Web explained.

The mobile antivirus provider warned that the new malicious apps could be a member of the Android.FakeUpdates trojan family, often used by malicious actors to infiltrate various system components, including firmware updating software, the default settings app or the component responsible for the system graphical interface. 

“To avoid the risk of becoming a victim of these and other malicious programs, Doctor Web recommends that users purchase mobile devices in official stores and from reputable distributors,” the company added. “Using an anti-virus and installing all available OS updates is also important.”

The advisory comes days after Google…

Source…

Software Piracy – Computer Security Tips – NAPS-TV



US Customs has one heck of a false positive over “counterfeit Apple AirPods”

This weekend US Customs and Border Protection at New York’s JFK airport seemed proud to announce that it had “seized 2,000 counterfeit Apple AirPods” coming in from Hong Kong. But take another look…
Graham Cluley