Android smartphones infected with dangerous rootkit2016-11-21 03:11 by Daniela
Tags: Android, rootkit
An internet security company BitSight has discovered that around three millions of low cost Android phones are vulnerable to a man-in-the-middle type of attack due to a backdoor pre-installed on them.
The backdoor is found in firmware, developed by Chinese firm Ragentek Group and allows an attacker to take complete control over the device once the flaw is successfully utilized.
"The binary responsible appears to be an insecure implementation of an OTA (Over-the-air) mechanism for device updates associated to the software company, Ragentek Group, in China. All transactions from the binary to the third-party endpoint occur over an unencrypted channel, which not only exposes user-specific information during these communications, but would allow an adversary to issue commands supported by the protocol," security researchers at BitSight said in a blog.
Many of the affected devices are in use in the US. Of them, phones from US-based smartphone brand, BLU are most affected, with the number sitting at 26 percent. On second place is Infinix with a percentage of 11. Doogee sits at 8 percent, with Xolo and Leagoo sitting at 4 percent each. 47 percent of the total devices are so covert that it can’t be found who the manufacturer is.
Read more -here-