An anonymous reader quotes a report from SecurityWeek: Tens of thousands of Android devices have been shipped to end-users with backdoored firmware, according to a warning from cybersecurity vendor Human Security. As part of the global cybercriminal operation called BadBox (PDF), Human Security found a threat actor relied on supply chain compromise to infect the firmware of more than 70,000 Android smartphones, CTV boxes, and tablet devices with the Triada malware. The infected devices come from at least one Chinese manufacturer but, before they are delivered to resellers, physical retail stores, and e-commerce warehouses, a backdoor was injected into their firmware. "Products known to contain the backdoor have been found on public school networks throughout the United States," Human says. Discovered in 2016, Triada is a modular trojan residing in a device's RAM, relying on the Zygote process to hook all applications on Android, actively using root privileges to substitute system files. Over time, the malware went through various iterations and was found pre-installed on low-cost Android devices on at least two occasions. As part of the BadBox operation that Human Security discovered, the infected low-cost Android devices allow threat actors to carry out various ad-fraud schemes, including one named PeachPit, which at its peak relied on 121,000 Android and 159,000 iOS devices infected with malware, and on 39 Android, iOS, and CTV-centric apps designed to connect to a fake supply-side platform (SSP). One of the modules delivered to the infected devices from the command-and-control (C&C) server allows the creation of WebViews that are fully hidden from the user, but which "are used to request, render, and click on ads, spoofing the ad requests to look like they're coming from certain apps, referred by certain websites, and rendered" on specific devices. BadBox, Human Security notes, also includes a residential proxy module that allows the threat actors to sell access to the victim's network. Furthermore, they can create WhatsApp messaging accounts and Gmail accounts they can then use for other malicious activities. "Finally, because of the backdoor's connection to C2 servers on BadBox-infected smartphones, tablets, and CTV boxes, new apps or code can be remotely installed by the threat actors without the device owner's permission. The threat actors behind BadBox could develop entirely new schemes and deploy them on BadBox-infected devices without any interaction from the devices' owners," Human notes.

Read more of this story at Slashdot.

Googleは2023年10月4日、最新スマートフォン『Pixel 8』『Pixel 8 Pro』をリリースしました。Pixel 8『112,900円～』、Pixel 8 Pro『159,900円～』 ...

Copyright © 2023 ハイパーガジェット通信 All Rights Reserved.

Googleが2023年10月12日から発売を開始する『Pixel 8』『Pixel 8 Pro』には、AIを駆使した便利機能が多数追加されています。そのうちの一つが『ベストテイク』。似ている写真を組 ...

Copyright © 2023 ハイパーガジェット通信 All Rights Reserved.

Simon Sharwood writes via The Register: The Chinese manufacturer that took over IBM's PC business announced on Thursday that it's teamed with an outfit named Esper that specializes in custom cuts of Android, plus device management offerings. Android is most commonly used in handheld devices. Lenovo's taking it in an entirely different direction by making the ThinkCentre M70a: a desktop all-in-one. The first fruit of the collaboration with Esper, the ThinkCentre M70a boasts a 21 -- inch touch screen and offers a choice of 12th-gen Intel core CPUs from the Core i3 to the almost workstation-grade Core i9, at prices from $889 to beyond $1250. What could you do with Android on a Corei9, plus the maximum 16GB DDR4 3200MHz and 512GB PCIe SSD Lenovo's machines allow? Almost anything -- but Lenovo thinks its Android effort will first be appreciated by customers in the retail, hospitality, and healthcare industries. Esper pitches its wares as ideal for point-of-sale systems, kiosks, and digital signage -- environments where users don't need to access diverse apps but do need a machine that reliably boots into custom environments. Lenovo's not just doing desktop PCs. The number one PC maker by market share has promised it will also ship Esper's wares on the small form factor ThinkCentre M70q -- a machine designed to be bolted to the back of monitors. The ThinkEdge SE30 -- a ruggedized and fanless edge client -- will also have an Android option. So will the ThinkCentre M90n-1 IoT [PDF] -- another rugged client for edge applications.

Read more of this story at Slashdot.