Security News > 2021 > April > Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update
Roid smartphones from Gigaset have been infected by malware direct from the manufacturer in what appears to be a supply-chain attack.
The Trojan, once downloaded and installed on a victim's device via a poisoned software update from the vendor, is capable of opening browser windows, fetching more malicious apps, and sending people text messages to further spread the malware, say researchers and users.
Gigaset told the news website the incident only affects "Older devices," and that it would provide more details soon.
The antivirus biz identified two of the malware strains emanating from Gigaset as Android/Trojan.
The attack vector is a system update application, identified as com.
Malwarebytes' Nathan Collier speculated in a post that crooks had compromised Gigaset's update servers to distribute the Trojans, a scenario Heise's reporting - and this Google support thread - tends to confirm.
News URL
Related news
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- Germany sinkholes BadBox malware pre-loaded on Android devices (source)
- Germany blocks BadBox malware loaded on 30,000 Android devices (source)
- Ultralytics Supply-Chain Attack (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (source)