Security News > 2021 > April > Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update
Roid smartphones from Gigaset have been infected by malware direct from the manufacturer in what appears to be a supply-chain attack.
The Trojan, once downloaded and installed on a victim's device via a poisoned software update from the vendor, is capable of opening browser windows, fetching more malicious apps, and sending people text messages to further spread the malware, say researchers and users.
Gigaset told the news website the incident only affects "Older devices," and that it would provide more details soon.
The antivirus biz identified two of the malware strains emanating from Gigaset as Android/Trojan.
The attack vector is a system update application, identified as com.
Malwarebytes' Nathan Collier speculated in a post that crooks had compromised Gigaset's update servers to distribute the Trojans, a scenario Heise's reporting - and this Google support thread - tends to confirm.
News URL
Related news
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack (source)
- Revival Hijack supply-chain attack threatens 22,000 PyPI packages (source)
- New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Chinese hackers use new data theft malware in govt attacks (source)