Android Smartphones pre-infected with malware before purchase


Well-Known Member
Android ALERT - Own one of THESE phones? Your device could be loaded with malware

Speaking about how devices were infected with RottenSys, Check Point said: "In the list of observed malware distribution channels, we saw two names which suggest a possible connection to a Hangzhou based mobile phone supply chain distributor Tian Pai.

"Tian Pai related channels contribute 49.2% of the total number of infested devices that we observed.

"According to China National Enterprise Credit Information Publicity System, Tian Pai offers a wide range of services from presales customization, online/offline wholesale to customer care. It covers regional sales of top brands in the market such as Samsung, HTC, Apple, Xiaomi, ZTE, Coolpad, Lenovo, and Huawei.

"Tian Pai may not be a direct participant in the campaign. Yet, this correlates with our hypothesis that the malware entered the user’s device before purchase."
To check if your Android device is infected with the RottenSys malware, head to the Android system settings.

Then, Check Point advised, go to the App Manager and check for the following malware packages and uninstall them:

• android.yellowcalendarz

• changmi.launcher


• system.service.zdsgt