• The DigitalBank Vault

German cyber-security agency warns against buying or using four low-end smartphone models.



The German Federal Office for Information Security (or the Bundesamt für Sicherheit in der Informationstechnik -BSI) has issued security alerts today warning about dangerous backdoor malware found embedded in the firmware of at least four smartphone models sold in the country.


Impacted models include the Doogee BL7000, the M-Horse Pure 1, the Keecoo P11, and the VKworld Mix Plus (malware present in the firmware, but inactive). All four are low-end Android smartphones.


Phones infected with backdoor trojan

The BSI said the phones' firmware contained a backdoor trojan named Andr/Xgen2-CY.


UK cyber-security firm Sophos Labs first spotted this malware strain in October 2018. In a report it published at the time, Sophos said the malware was embedded inside an app named SoundRecorder, included by default on uleFone S8 Pro smartphones.


Sophos said Andr/Xgen2-CY was designed to work as an unremovable backdoor on infected phones.

The malware's basic design was to start running once the phone was turned on, collect details about an infected phone, ping back its command-and-control server, and wait for future instructions.

10 views

DigitalBank Vault Limited

Irish Square, Upper Denbigh Road, 

St Asaph Denbighshire LL17 0RN, UK

Company number 11988551

(Limited Liability Registered in England & Wales)

International Calls & Whatsapp  : +372 57347873

 

Contact Email : team@digitalbank.capital  

Telegram : @timothyweiss 

LinkedIn:  http://linkedin.com/in/moty-weissbrot-42bb06162