Rottensys Preinstalled on 5 Million Phones in 2016 in Samsung, Huawei, Xiaomi, Honor, Oppo, Vivo and Gionee

Rottensys preinstalled on 5 million phones in 2016, somewhere along the Chinese supply chain.
The infected brands include the top Android phones in the market such as Samsung, Xiaomi, Honor, Oppo, Vivo, Huawei and Gionee. All the infected devices have been distributed by an outsourced mobile phone supply chain distributor called Tian Pai, which is in Hangzhou, China.

https://www.cyber.nj.gov/threat-profiles/android-malware-var…
https://www.trendmicro.com/vinfo/us/security/news/cybercrime…
https://blog.avira.com/rottensys-preinstalled-malware/
https://www.pcauthority.com.au/news/chinese-hackers-building…
https://www.theinquirer.net/inquirer/news/3028610/rottensys-…
https://howtoremove.guide/rottensys-malware-android/

Comments

  • +3

    This should be the first line in any article:
    the TLDR
    From linked TrendMicro page

    How can users mitigate RottenSys?
    Users can uninstall RottenSys by going to the device’s system settings. Under the app manager UI, look for these package names and uninstall them:

    com.android.yellowcalendarz
    com.changmi.launcher
    com.android.services.securewifi
    com.system.service.zdsgt
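
The package check from the comment above, as an added example that is not part of the comment or of the linked Trend Micro page: it scans `adb shell pm list packages -f` output for exact matches of the four package names. The sample output, the function names and the list of firmware partition prefixes are assumptions made for illustration.

```python
import sys

# Package names quoted in the comment above (from the linked Trend Micro page).
ROTTENSYS_PACKAGES = frozenset({
    "com.android.yellowcalendarz",
    "com.changmi.launcher",
    "com.android.services.securewifi",
    "com.system.service.zdsgt",
})

# Assumption: partitions whose apps ship inside the firmware image.
FIRMWARE_PREFIXES = ("/system/", "/vendor/", "/product/", "/system_ext/")

def parse_pm_line(line):
    """Return (package, apk_path) for one `pm list packages [-f]` line, or None."""
    line = line.strip()
    if not line.startswith("package:"):
        return None
    body = line[len("package:"):]
    # With -f the form is <apk_path>=<package>; paths under /data/app can
    # themselves contain '=', so split on the last one only.
    path, sep, name = body.rpartition("=")
    return (name, path) if sep else (body, "")

def find_rottensys(pm_output):
    """Return sorted (package, apk_path, in_firmware) tuples for exact name matches."""
    hits = []
    for line in pm_output.splitlines():
        parsed = parse_pm_line(line)
        if parsed and parsed[0] in ROTTENSYS_PACKAGES:
            name, path = parsed
            in_fw = path.startswith(FIRMWARE_PREFIXES) if path else None  # None: no path given
            hits.append((name, path, in_fw))
    return sorted(hits)

# Constructed sample output, not captured from a real device.
SAMPLE = """\
package:/system/app/Calendar/Calendar.apk=com.android.calendar
package:/system/priv-app/SecureWifi/SecureWifi.apk=com.android.services.securewifi
package:/data/app/~~Qx1z9A==/com.changmi.launcher-Zk3==/base.apk=com.changmi.launcher
package:/data/app/com.android.yellowcalendarz.notes-1/base.apk=com.android.yellowcalendarz.notes
package:com.system.service.zdsgt
"""

if __name__ == "__main__":
    text = ("" if sys.stdin.isatty() else sys.stdin.read()) or SAMPLE
    for name, path, in_fw in find_rottensys(text):
        print(name, path or "(path not listed)", {True: "firmware", False: "user-installed", None: "unknown"}[in_fw], sep="\t")
```

Names are matched exactly, so a look-alike such as the constructed `com.android.yellowcalendarz.notes` entry is not reported. A hit whose path sits under a firmware partition was shipped in the device image rather than installed afterwards.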

  • Apple not affected? If not, does that come down to a difference in OS/software?

    Also, how do we know this is isolated to mobile OS? Could PCs also be impacted by this?

    • +2

      "All the infected devices have been distributed by an outsourced mobile phone supply chain distributor called Tian Pai"

      • 52% of devices found were linked to Tian Pai

      • Ah. Thanks for the info.
