Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update

Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update

Android smartphones from Gigaset have been infected by malware direct from the manufacturer in what appears to be a supply-chain attack.


The Trojan, once downloaded and installed on a victim's device via a poisoned software update from the vendor, is capable of opening browser windows, fetching more malicious apps, and sending people text messages to further spread the malware, say researchers and users.

The malicious updates were seeded on April 1, judging by reports out of Germany.


Our pals at Heise also reported the wave of infections, whose perpetrators had not been identified at the time of writing. Heise observed this morning: "Permanent removal usually fails," meaning it's difficult to remove the persistent software nasty, adding that Gigaset's "quality assurance department" had confirmed "that the company's update server has delivered the malware."

Gigaset told the news website the incident only affects "older devices," and that it would provide more details soon. Users who head over to firm's forums will find that they are, or were at time of writing, "down for maintenance".


IT now stands for Intermediate Targets: Tech providers pwned by snoops eyeing up customers – report


READ MORE

The Munich-based outfit was formerly known as Siemens Home and Office Communications Devices, according to Malwarebytes. The antivirus biz identified two of the malware strains em ..