Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores.
A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores
The expert noticed that several push-button telephones contain unwanted undocumented functions such as automatically sending SMS messages or going online to transmit purchase data or phone info (IMEI and SIM-cards IMSI). The researcher spotted a built-in Trojan that sends paid SMS messages to short numbers in some models, other devices contained a backdoor that sends incoming SMS messages to the attackers’ server. All the remote servers contacted by the devices were located in China,
The tainted push-button devices are DEXP SD2810, Itel it2160, Irbis SF63, and F+ Flip 3.
The researchers analyzed the firmware and set up a 2G base station in order to intercept and analyze the devices’ communications.
The expert analyzed 5 models and only one of them, the Inoi 101 was clean. Below is the list of the tested devices and the behavior they were exhibiting.
Support the originator by clicking the read the rest link below.