So far, two unidentified vendors have been found selling smartphones from a variety of manufacturers containing malware from two different and particularly nasty families of malware: SLocker and Loki.
In all, at least thirty-six different models have been discovered, including phones from:
• Lenovo
• Oppo
• Nexus
• Asus
• LG
• Xiaomi
• Samsung
And others. As you can see, these are some very big names in smartphone manufacturing.
It’s important to note that the malware was not on the phones in question when they left their respective manufacturers. The malicious code was inserted later, at some point along the supply chain.
This is an especially dark development, because in both cases, the malware is especially vile.
Loki made its first appearance in 2016 and is highly advanced. It is a Trojan that coopts the Android OS, giving root-level permission to itself and any other software installed on its heels.
That means that the hacker who controls it has access to your browsing history, call history, location data, contact list and more.
SLocker is certainly no better. It is a mobile ransomware that locks the owner’s device, then demands a ransom, payable in bitcoins. It’s a grim piece of malware for two reasons. First, because it communicates with its creators via TOR, it’s virtually impossible to track and identify the hackers. Second, in addition to locking the device, it gives the app controller unfettered access to everything on it.
Here’s the complete list of smartphones that have been identified. It’s worth noting that not every unit sold from these models will be infected, but these are the models at risk:
• Asus Zenfone 2
• Galaxy A5
• Galaxy Note Edge
• Galaxy Note 2
• Galaxy Note 3
• Galaxy S4
• Galaxy Note 4
• Galaxy Note 5
• Galaxy S7
• Galaxy Tab S2
• Galaxy Tab 2
• Lenovo A850
• LenovoS90
• LG G4
• Nexus 5
• Nexus 5X
• Oppo N3
• OppoR7 plus
• Vivo X6 plus
• Xiaomi Mi 4i
• Xiaomi Redmi
• ZTE x500