Data thieves find a new angle of attack
The message that downloading suspicious apps can land with you a phone full of malware is finally gaining ground, but what if your phone comes straight from the factory with nasty software already installed?
Well, if you ordered a Star N9500 Android phone from any number of well-known online retailers, yours just may have. German security vendor G Data discovered the malware, and shared information on this new angle of attack:
The malware is disguised as the Google Play Store and is part of the pre-installed Android apps. The spyware runs in the background and cannot be detected by users. Unbeknownst to the user, the smartphone sends personal data to a server located in China and is able to covertly install additional applications.
This makes it possible to retrieve personal data, intercept calls and online banking data, read emails and text messages or control the camera and microphone remotely.
To say that smartphones coming installed with malware straight out of the box is a crisis management concern is an understatement. Access to every piece of data, every login, and remote camera/microphone control…the possibilities for blackmail and corporate espionage are mind-boggling.
An interesting note – the Star N9500’s price is extremely low for the features it offers, a fact G Data believes was meant to lure users in, with the seller’s income being supplemented by the sale of data records stolen from purchasers. Once again, “if it sounds too good to be true, it probably is” proves to be good advice for all areas of life.
The BCM Blogging Team
https://www.bernsteincrisismanagement.com