Jump to content

Google confirms some Android phones shipped with backdoor

Sauron
Go to solution Solved by Bouzoo,
Quote

Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20

The what, what, what and what?

Sauce

 

Quote

Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday.

Apparently some hackers managed to infiltrate the manufacturing process of some Chinese manufacturers and plant a mean trojan in the firmware.

Quote

In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices, including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. The attackers used the backdoor to surreptitiously download and install modules. Because the backdoor was embedded into one of the OS libraries and located in the system section, it couldn't be deleted using standard methods, the report said.

This is now confirmed by Google; the malware apparently sneaked in through third party proprietary features

Quote

Triada infects device system images through a third party during the production process. Sometimes OEMs want to include features that aren't part of the Android Open Source Project, such as face unlock. The OEM might partner with a third party that can develop the desired feature and send the whole system image to that vendor for development.

Based on analysis, we believe that a vendor using the name Yehuo or Blazefire infected the returned system image with Triada.

 

My take:

That's what you get with proprietary software. It's absurd that a device you bought might have literally anything hidden in its proprietary blob firmware. Makes you wonder how many of these go undetected.

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, firelighter487 said:

must.. resist.. iPhone.. comment..

 

meh too easy. iPhones are more secure than android phones. 

are they though? you don't know what's in the firmware.

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*

Link to comment
Share on other sites

Link to post
Share on other sites

6 minutes ago, Sauron said:

Apparently some hackers managed to infiltrate the manufacturing process of some Chinese manufacturers and plant a mean trojan in the firmware.

insert Curb Your Enthusiam theme

 

Of course it's Chinese manufacturers.

mechanical keyboard switches aficionado & hi-fi audio enthusiast

switch reviews  how i lube mx-style keyboard switches

Link to comment
Share on other sites

Link to post
Share on other sites

11 minutes ago, Bouzoo said:

The what, what, what and what?

Was worried this might be on my Galaxy S8 till I saw those names.

 

loool

Ketchup is better than mustard.

GUI is better than Command Line Interface.

Dubs are better than subs

Link to comment
Share on other sites

Link to post
Share on other sites

8 minutes ago, firelighter487 said:

must.. resist.. iPhone.. comment..

 

meh too easy. iPhones are more secure than android phones. 

I've got tin cans and a piece of string. Try to hack that!

Make sure to quote or tag me (@JoostinOnline) or I won't see your response!

PSU Tier List  |  The Real Reason Delidding Improves Temperatures"2K" does not mean 2560×1440 

Link to comment
Share on other sites

Link to post
Share on other sites

18 minutes ago, JoostinOnline said:

I've got tin cans and a piece of string. Try to hack that!

laughs in TempleOS

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, firelighter487 said:

iPhones are so huge if there was malware on it we'd know by now. 

 

Android is much more widespread. How many people do you know who install anti-malware on their iPhone? Because that's how this was found.

 

Besides, it doesn't need to be a hardcore trojan to be potentially harmful. It could just be a vulnerability. Consider how long it took for the wanacry exploit to be found despite the thousands of security researchers analyzing Windows for years.

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*

Link to comment
Share on other sites

Link to post
Share on other sites

5 minutes ago, firelighter487 said:

iPhones are so huge if there was malware on it we'd know by now. 

That is a logical fallacy known as "argument from ignorance". 

I think it's foolish to argue that iPhones contains malware (after all, we have little to no evidence for it) but at the same time it shouldn't be ruled out just because a lot of iPhones has been sold. 

 

We didn't have much evidence for the capabilities of the Intel ME until fairly recently despite it being in millions upon millions of devices for many years. 

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, LAwLz said:

I think it's foolish to argue that iPhones contains malware (after all, we have little to no evidence for it) but at the same time it shouldn't be ruled out just because a lot of iPhones has been sold. 

sure but saying they are not more secure than android because there is always a potential for malware is also wrong. 

She/Her

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, Bouzoo said:

The what, what, what and what?

They need to Leagoo of their phones before they get hacked.

 

make sure to buy Nomu phones off that vendor 

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, Bouzoo said:

The what, what, what and what?

This sounds like a Rihanna song.

Link to comment
Share on other sites

Link to post
Share on other sites

57 minutes ago, firelighter487 said:

sure but saying they are not more secure than android because there is always a potential for malware is also wrong. 

but so is saying they are more secure in this sense when you simply can't know, which is what I was arguing.

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*

Link to comment
Share on other sites

Link to post
Share on other sites

2 hours ago, Bouzoo said:

The what, what, what and what?

Image result for the bleeps the sweeps and the creeps gif

 

If you dont get this this we cant be friends

"Put as much effort into your question as you'd expect someone to give in an answer"- @Princess Luna

Make sure to Quote posts or tag the person with @[username] so they know you responded to them!

 RGB Build Post 2019 --- Rainbow 🦆 2020 --- Velka 5 V2.0 Build 2021

Purple Build Post ---  Blue Build Post --- Blue Build Post 2018 --- Project ITNOS

CPU i7-4790k    Motherboard Gigabyte Z97N-WIFI    RAM G.Skill Sniper DDR3 1866mhz    GPU EVGA GTX1080Ti FTW3    Case Corsair 380T   

Storage Samsung EVO 250GB, Samsung EVO 1TB, WD Black 3TB, WD Black 5TB    PSU Corsair CX750M    Cooling Cryorig H7 with NF-A12x25

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, TVwazhere said:

If you dont get this this we cant be friends

Awwww, now i am sad.

As #muricaparrotgang's founder, I invite you to join our ranks today.

"My name is Legion 'Murica Parrot Gang, for we are many."

 

(We actually welcome all forms of animated parrot gifs.)

 

The artist formerly known as Aelar_Nailo.

 

Profile Pic designed by the very lovely @Red :)!

Link to comment
Share on other sites

Link to post
Share on other sites

Baby don't hack me, don't hack me, Nomu

Intel Xeon E5 1650 v3 @ 3.5GHz 6C:12T / CM212 Evo / Asus X99 Deluxe / 16GB (4x4GB) DDR4 3000 Trident-Z / Samsung 850 Pro 256GB / Intel 335 240GB / WD Red 2 & 3TB / Antec 850w / RTX 2070 / Win10 Pro x64

HP Envy X360 15: Intel Core i5 8250U @ 1.6GHz 4C:8T / 8GB DDR4 / Intel UHD620 + Nvidia GeForce MX150 4GB / Intel 120GB SSD / Win10 Pro x64

 

HP Envy x360 BP series Intel 8th gen

AMD ThreadRipper 2!

5820K & 6800K 3-way SLI mobo support list

 

Link to comment
Share on other sites

Link to post
Share on other sites

9 hours ago, firelighter487 said:

iPhones are so huge if there was malware on it we'd know by now. 

 

Android is MASSIVE globally and is used in markets where iPhone practically doesnt even exist. Also Apple is far more selective with what they tell users about what happens to their products. There probably have been (not MAJOR) but big exploits in iPhones that Apple never told the public about.

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, NeilGiraffeTyson said:

Android is MASSIVE globally and is used in markets where iPhone practically doesnt even exist.

it's also very fragmented with most devices being badly out of date in terms of security updates, especially in poor country's where Android has a massive marketshare.

She/Her

Link to comment
Share on other sites

Link to post
Share on other sites

4 minutes ago, firelighter487 said:

it's also very fragmented with most devices being badly out of date in terms of security updates, especially in poor country's where Android has a massive marketshare.

That doesn't really matter if the backdoor or vulnerability is in the firmware, that hardly ever gets updated - I'm not even sure most phones are able to update it.

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*

Link to comment
Share on other sites

Link to post
Share on other sites

11 hours ago, Sauron said:

That doesn't really matter if the backdoor or vulnerability is in the firmware, that hardly ever gets updated - I'm not even sure most phones are able to update it.

This ^^^

 

Unless you're using Xioami ot another similar manufacturer which for some reason releases new firmware multiple times per year, the firmware on your phone has probably been never upgraded or jisr upgraded each time a new major version of Android came out for it.

Judge a product on its own merits AND the company that made it.

How to setup MSI Afterburner OSD | How to make your AMD Radeon GPU more efficient with Radeon Chill | (Probably) Why LMG Merch shipping to the EU is expensive

Oneplus 6 (Early 2023 to present) | HP Envy 15" x360 R7 5700U (Mid 2021 to present) | Steam Deck (Late 2022 to present)

 

Mid 2023 AlTech Desktop Refresh - AMD R7 5800X (Mid 2023), XFX Radeon RX 6700XT MBA (Mid 2021), MSI X370 Gaming Pro Carbon (Early 2018), 32GB DDR4-3200 (16GB x2) (Mid 2022

Noctua NH-D15 (Early 2021), Corsair MP510 1.92TB NVMe SSD (Mid 2020), beQuiet Pure Wings 2 140mm x2 & 120mm x1 (Mid 2023),

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×