Security News > 2021 > April > Gigaset Android Update Server Hacked to Install Malware on Users' Devices

Gigaset has revealed a malware infection discovered in its Android devices was the result of a compromise of a server belonging to an external update service provider.
Impacting older smartphone models - GS100, GS160, GS170, GS180, GS270, and GS370 series - the malware took the form of multiple unwanted apps that were downloaded and installed through a pre-installed system update app.
The German manufacturer of telecommunications devices said it took steps to alert the update service provider of the issue, following which further infections were prevented on April 7.
"Measures have been taken to automatically rid infected devices of the malware. In order for this to happen the devices must be connected to the internet. We also recommend connecting the devices to their chargers. Affected devices should automatically be freed from the malware within 8 hours," the company said in a statement shared with The Hacker News.
The full list of malware apps installed on the devices include -.
Gigaset has also urged users to check for signs of any infection by visiting the Settings app and manually uninstall the apps in question, in addition to installing all software updates that may be available for the device.
News URL
Related news
- DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)
- BadBox malware disrupted on 500K infected Android devices (source)
- North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- New Crocodilus malware steals Android users’ crypto wallet keys (source)
- Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers (source)