Security News > 2021 > April > Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update
Roid smartphones from Gigaset have been infected by malware direct from the manufacturer in what appears to be a supply-chain attack.
The Trojan, once downloaded and installed on a victim's device via a poisoned software update from the vendor, is capable of opening browser windows, fetching more malicious apps, and sending people text messages to further spread the malware, say researchers and users.
Gigaset told the news website the incident only affects "Older devices," and that it would provide more details soon.
The antivirus biz identified two of the malware strains emanating from Gigaset as Android/Trojan.
The attack vector is a system update application, identified as com.
Malwarebytes' Nathan Collier speculated in a post that crooks had compromised Gigaset's update servers to distribute the Trojans, a scenario Heise's reporting - and this Google support thread - tends to confirm.
News URL
Related news
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Cyber crooks push Android malware via letter (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- SpyLoan Android malware on Google play installed 8 million times (source)