News

Rootkit Discovered in Over 2.8 Million Low-Cost Android Phones

Close to 3 million Android phones have been discovered to contain a very powerful rootkit/backdoor that leaves the user vulnerable to remote control, tracking and code execution attacks. These phones are affordable low-cost models and can be purchased in the US in any Best Buy store. Researchers from BitSight Technologies (a subsidiary of Anubis Networks) has detailed in their blog how this root kit was discovered, tested and thankfully so far, prevented from doing harm.

The malicious firmware was designed to hide and to be difficult to detect but secretly contact two pre-configured domains, sending information from the device. Surprisingly, the two domains were unregistered so BitSight technologies was able to acquire them immediately before any deployment and perform tests. The company purchased a BLU Studio G phone from Best Buy, built a passive network traffic system and performed the analysis which revealed that over 2.8 million devices are affected and have since tried to contact the domain they registered. This affects 55 different device models and based on the IP connecting to the domains, the vulnerability affects the entire world with the majority of users affected based in the United States. US-based BLU products is the most affected having 26.3% of the affected phones.

João Gouveia, a BitSight researcher who is part of the team who discovered the rootkit have further revealed that he has seen lots of connections coming from all sorts of sectors, including healthcare, government and banking.

Most of these phone models are what are considered “burner” or low-cost phones, previously thought of to be a safer due to their disposable nature. Recently, another security firm Kryptowire had also discovered a major vulnerability in the form of pre-installed backdoors on BLU R1 HD phones. They discovered the massive amounts of data from the user were being sent back to the Chinese company Shanghai AdUps Technologies, the software company who handles these phones. AdUps Technologies is also used by Huawei and ZTE.

Ron Perillo

Disqus Comments Loading...

Recent Posts

Nvidia’s GeForce RTX 5090 Possible Price Revealed

According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…

59 mins ago

AMD Krackan Processor with 6 Zen 5 and Zen 5c Cores for Budget AI Laptops Leaked

A new AMD processor in the form of an engineering model has been leaked in…

1 hour ago

SK Hynix Begins Production of First 321-Layer NAND Chips

SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…

1 hour ago

Trust Gaming GXT 609 Zoxa 2.0 PC Speakers

SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…

6 hours ago

PowerA Wired Controller for Nintendo Switch

Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…

6 hours ago

Logitech G Saitek PRO Flight Rudder Pedals

Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…

6 hours ago