Security News > 2021 > April > Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update
Roid smartphones from Gigaset have been infected by malware direct from the manufacturer in what appears to be a supply-chain attack.
The Trojan, once downloaded and installed on a victim's device via a poisoned software update from the vendor, is capable of opening browser windows, fetching more malicious apps, and sending people text messages to further spread the malware, say researchers and users.
Gigaset told the news website the incident only affects "Older devices," and that it would provide more details soon.
The antivirus biz identified two of the malware strains emanating from Gigaset as Android/Trojan.
The attack vector is a system update application, identified as com.
Malwarebytes' Nathan Collier speculated in a post that crooks had compromised Gigaset's update servers to distribute the Trojans, a scenario Heise's reporting - and this Google support thread - tends to confirm.
News URL
Related news
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- TrickMo malware steals Android PINs using fake lock screen (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Samsung phone users under attack, Google warns (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)