Remotely Accessible Preinstalled Backdoor Discovered in Thousands of Android Devices
Security researchers recently uncovered a preinstalled backdoor lurking on thousands of Android devices.
Security researchers recently uncovered a preinstalled backdoor lurking on thousands of Android devices. The backdoor was found to be unusually persistent and difficult to remove, leading to concerns that it could be used to spy on device owners or even access sensitive data stored on the device.
The discovery was made by a team of researchers from the security firm Check Point, which noticed a common code pattern in various trace log files stored on a number of Android devices. The code was found to contain an “open port” that would allow remote access to the device, as well as complex commands that could be used to access various protected data and settings.
The researchers were unable to determine exactly who or what had added the code to the devices, though the presence of identical code patterns on multiple devices suggested that it had been installed by the device‘s original manufacturer. The code was designed to be difficult to remove, as it had been built into various operating system libraries and components, making it resistant to traditional antivirus tools.
The discovery has prompted debate among security experts about how such backdoors can be prevented from being preinstalled on devices. Some have suggested that all new devices be required to undergo mandatory code reviews before being released, while others have argued for the implementation of more stringent security measures to protect users.
Given the prevalence of preinstalled backdoors on Android devices, users are advised to be vigilant when buying new devices and to take extra steps to protect their data. Additionally, users are encouraged to regularly update their devices, as newer operating system updates often contain patches for known vulnerabilities.