A serious virus in smartphones coming from China Recently, a new malware infection has been discovered on a wide range of Android phones that appear to have affected nearly 5 million devices. The name of the threat is RottenSys. According to researchers, this virus comes preinstalled on newly purchased smartphones.


Of course, this malware is affected by many smart phones manufactured by Chinese companies and on top of it. The researchers found that these phones contain this malicious software in advance and are phones from Huawei, OPPO, VIVO and other Chinese companies. So far, the only thing shared by infected devices is that they were all shipped by a Chinese distributor known as Tian Pai. It is not currently known whether the distributor has any responsibility for this.

How does RottenSys work?


Researchers at the Check Point Mobile Security Team, which revealed RottenSys, said that the malicious virus pre-installed on the devices is a very dangerous malware that can get most of the permissions of the Android system, which will later allow hackers behind the virus to perform a variety of suspicious tasks on phones Smart affected. To avoid any suspicion, this virus is hidden as a Wi-Fi application and does not seem to be anything serious at first glance. Also, in order to remain hidden and undetected, it does not initially do anything harmful or suspicious within the target device. RottenSys activity has been delayed to avoid detection. Once RottenSys is activated, it connects a connection to the servers of the hackers.


What are the uses of this malicious code?

Currently, according to cybersecurity experts, RottenSys is used primarily to display ads and pop-ups on screens of affected devices. With this illegal ad campaign, malware developers can make a big profit by applying the pay-per-click form. However, this usage is not the only problem with RottenSys. The researchers warned that since malware can download other components on affected machines without requiring user permission, the virus may be used in a variety of other, more harmful ways.


Moreover, there is already information that many Android smartphones have already been made part of the massive robots under the control of malware. Because of the wide-ranging capabilities of the virus and the extensive benefits it can acquire on infected devices, there are many different ways in which it can be exploited in the future. Therefore, experts recommend the owners of smartphones from the above brands purchased over the past two years to check their application managers and if they contain one of the following applications you should remove them.

com. android.services.securewifi (系统WIFI服务)
com. android.yellowcalendarz (每日黄历)
com. system.service.zdsgt
com. changmi.launcher (畅米桌面)

Post a Comment

Previous Post Next Post