
Topic: Factory pre-installed malware threaten Bitcoin users and privacy - page 2. (Read 1193 times)

sr. member
Activity: 431
Merit: 250
I'm guessing you also bought it via eBay... as that's another way people get trojan-riddled devices

Nope, problem is it's factory sealed, all in place, even tamper proof.
legendary
Activity: 4424
Merit: 4794
I'm guessing you also bought it via eBay... as that's another way people get trojan-riddled devices
sr. member
Activity: 431
Merit: 250
Confirmed: a pre-installed factory app on an unbranded MTK device did steal my DATA folder, including encrypted wallets. The app was a flashlight that can read:

Contacts
SD card
Microphone
Network
GPS

And it literally had permission for everything, including NFC, which I don't even have on the phone, so it's a universal app that the factory installs on all of their devices.

This is a warning to anyone with an unbranded phone: even if you are careful and do not install apps or malware, it can already be on your phone from the factory.

The origin of this phone is a small brand from India, manufactured in China, and no, I am not in any of those countries; this was imported here by merchants.

I would recommend that you read the permissions of any apps that you suspect, and also install a network monitor and check which applications are using the network.

In my case the preloaded flashlight was very active. Since I am rooted I was able to trace an IP; the data was not even encrypted, so thank God my wallet backups are. All data was being passed through port 80, which is a common port not only for web browsing but also for most botnets, because who is gonna suspect or block it? So yeah, it's an HTTP botnet.
I will analyze the internals of the app to figure out more; for now I have frozen the app.

Again, please don't trust unbranded phones. I wonder how many were ripped off of their wallets or personal information by this method.
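
One way to script the permission review recommended in the post above, as an added example that is not part of the original thread: it flags packages that request network access together with several of the data sources the post lists. The package names, the sample dump text, the `min_sensitive` threshold and the function names are constructed for illustration; real input would be collected with `adb shell pm list packages -s` and `adb shell dumpsys package <name>`.

```python
# Android permission names for the capabilities the post lists for the flashlight app.
SENSITIVE = {
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.READ_EXTERNAL_STORAGE": "SD card",
    "android.permission.WRITE_EXTERNAL_STORAGE": "SD card",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.ACCESS_FINE_LOCATION": "GPS",
    "android.permission.NFC": "NFC",
}
NETWORK = "android.permission.INTERNET"

def requested_permissions(dumpsys_text):
    """Collect names under the 'requested permissions:' header of a dumpsys dump."""
    perms, in_section = set(), False
    for line in dumpsys_text.splitlines():
        entry = line.strip()
        if entry == "requested permissions:":
            in_section = True
            continue
        name = entry.split(":")[0]
        # Any line that is not a dotted permission name ends the section.
        if in_section and "." in name and " " not in name:
            perms.add(name)
        else:
            in_section = False
    return perms

def audit(dumps, min_sensitive=2):
    """Flag packages with network access plus several sensitive data sources."""
    findings = []
    for pkg, text in sorted(dumps.items()):
        perms = requested_permissions(text)
        data = sorted({SENSITIVE[p] for p in perms if p in SENSITIVE})
        if NETWORK in perms and len(data) >= min_sensitive:
            findings.append((pkg, data))
    return findings

# Constructed sample input, modelled on `adb shell dumpsys package <name>` output.
SAMPLE = {
    "com.example.flashlight": "  requested permissions:\n"
    "    android.permission.INTERNET\n    android.permission.READ_CONTACTS\n"
    "    android.permission.RECORD_AUDIO\n    android.permission.NFC\n"
    "  install permissions:\n    android.permission.INTERNET: granted=true\n",
    "com.example.clock": "  requested permissions:\n"
    "    android.permission.WAKE_LOCK\n    android.permission.INTERNET\n",
}
if __name__ == "__main__":
    for pkg, data in audit(SAMPLE):
        print(f"{pkg}: network access plus {', '.join(data)}")
```

A flagged package is a candidate for the network-monitor check the post describes, not proof of theft; many legitimate system apps also combine these permissions.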