3 Million Android Smartphones Found to Have a Powerful Backdoor Preinstalled on Them
May 14, 2025 7:45 PM

We weren't completely over the recent BLU situation, and now it has come to our knowledge that a whopping 3 million Android devices worldwide were found to have a powerful backdoor installed on them.

Powerful Rootkit / Backdoor Found Preinstalled on 3 Million Android Devices - Sound the Alarms!

Android isn't all that great when it comes to security, mainly due to the lack of control by Google over how the software works. Pick up the source code, write drivers for it, and you're good to go. This also means you can throw a few unsuspected things into the mix as well - such as a rootkit or backdoor that allows remote access to the device and lets someone snoop on its content whenever needed.

On 3 million Android smartphones worldwide, with the majority of them in the United States, a ruthless backdoor / rootkit was discovered, allowing an attacker to take complete control over the device once the flaw is successfully utilized. The most alarming thing about this whole situation is that everything happens remotely, so you do not have to be tethered to anything in order for the ship to go down.

Until recently, the flaw could have been exploited by anyone who took the time to obtain two Internet domains that remained unregistered despite being hardwired into the firmware that introduced the vulnerability. After discovering the vulnerability, researchers from security ratings firm BitSight Technologies registered the addresses and control them to this day. Even now, the failure of the buggy firmware to encrypt communications sent to a server located in China makes code-execution attacks possible when phones don't use virtual private networking software when connecting to public hotspots and other unsecured networks.

Of all the affected devices, phones by BLU are the most affected, with the number sitting at 26 percent. In second place is Infinix with 11 percent. Doogee sits at 8 percent, with Xolo and Leagoo sitting at 4 percent each. 47 percent of the total devices are so covert that the manufacturer can't be determined. But in the coming days more information will be revealed for sure.

This is a rather alarming situation, given that almost all sorts of day-to-day sectors, such as health, banking, government etc., are using affected devices.

People who are concerned their phone may run the firmware may also contact the manufacturer. So far, according to both BitSight and the CERT advisory, only BLU Products has released an update that addresses the vulnerability. It's not clear if it will be installed automatically or if users must manually apply it, and BitSight researchers have not yet tested the patch to evaluate its effectiveness.

The best advice to give right now is to avoid unsecured networks and use a VPN wherever possible.
