If you’ve ever discovered one of your devices had been infected with malware, you know how disruptive and frustrating it can be to attempt to unravel the dirty deed left by a hacker.
However, none of us expect brand-new devices we’ve just purchased to have any malicious dangers on them right out of the box. Unfortunately, this has become the case for many Android phone and TV owners whose devices came with malware pre-installed on them.
How did the devices come pre-installed with malware?
There have been two separate reports detailing how these mobile and television devices were allowed to be sold with malware already installed on them. The first report came from the security firm Trend Micro. The team at Trend Micro discovered that around 8.9 million Android phones came with malware known as Guerrilla already on the devices.
Guerrilla was first discovered and reported on by the security firm Sophos, and they found that the malware was active in 15 different apps available on the Google Play Store.
The second report, by a researcher at GitHub, found that several wildly popular Android TV boxes sold on Amazon, which are powered by two China-based companies, had malware intentionally and covertly included on them. The affected models include the AllWinner T95, AllWinner T95Max, RockChip X12-Plus, and RockChip X88-Pro-10. The malware within them is capable of launching coordinated cyberattacks.
What does the malware on these devices do?
For the Android TV boxes, Guerrilla will report to a command-and-control server, which then allows the cybercriminals to install any app they want onto the TV. It will also tap on ads in the background to generate advertising revenue.
Meanwhile, the Guerrilla malware has numerous capabilities on these devices. On Android devices, it opens a back door that forces the Android to communicate with a remote…