Reports earlier this year stated that a banking Trojan named Triada had been found on several new Android smartphones. Google has confirmed the installation of a backdoor as part of a supply chain attack, which has implications for Android smartphone security.
To understand this, go back to 2016, when Kaspersky Lab researchers first uncovered one of the most advanced mobile Trojans. The analysts named the Trojan “Triada”. They explained that it exists mainly in the smartphone’s RAM and uses root privileges to replace system files with malicious ones.
Features of Triada
Once Triada was installed on a smartphone, its main purpose was to install applications that send spam and display ads. It contains a kit of tools, including rooting exploits that can bypass Android's built-in security protections. It also modifies the Android OS Zygote process, which means the malware can tamper directly with every installed application. Triada is also connected to 17 command & control servers.
Android Security Concerns
A report by Lukasz Siewierski of the Android Security & Privacy team, published on Google's security blog, presents a detailed, in-depth investigation of the Trojan. It not only fills in missing pieces of the Triada puzzle; it also confirmed that the backdoor exists in almost every brand new Android smartphone.
Siewierski said that a third party contaminated the Android system during the production process. If a device manufacturer wants to incorporate features that were not originally part of the Android Open Source Project, such as a face unlock system, it will work with a third party on this and send them the entire system image for development.
On the basis of the analysis, Siewierski said that Google believes a vendor using the name Blazefire or Yehuo infected the returned system image with Triada. A Bleeping Computer report cites a complete list of 42 budget smartphones bought in China that were found to be affected.
Thus, the backdoor is pre-installed right from the manufacturing of the smartphones. It is basically a supply chain attack. You are unlikely to be impacted by the backdoor. However, if you have imported any such smartphone from China, Google assures you that it is handling the threat.
This is Not the Beginning
Last year, Google launched a program requiring manufacturers to submit new build images to a build test suite. One of these security tests scans for pre-installed PHAs (potentially harmful applications) included in the system image. Google officials wrote this in their Android Security & Privacy 2018 Year in Review report.
They also said that if they find any PHA on the build, they work with the OEM partner to remove and remediate the PHA from the build before it reaches users.
Final Note
According to Google, working with OEMs and supplying them with instructions will remove the threat from devices. It is also reducing the spread of Triada variants and erasing infections from devices with the help of OTA updates.
Siewierski said that Google performs a security review of system images, with indicators of Triada included in the scan. The Triada case shows how the authors of Android malware are becoming more proficient.
Additionally, Google Play Protect tracks and deletes Triada or any other associated applications it detects on users’ devices to protect Android smartphone security.