Saturday, December 9

Avast: Android Devices Ship with Pre-Installed Malware “Cosiloon”

World’s Major cybersecurity company Avast has reported the presence of pre-installed malware in thousands of Android devices including those from manufacturers like ZTE, Archos and myPhone globally including in India.

Dubbed as “Cosiloon“, is an adware that creates an overlay to display an advertisement over a webpage within the user’s browser, as per a report prepared by Avast Threat Labs.

In its offical statement , Avast said,

Thousands of users are affected and in the past month alone, Avast Threat Labs has seen the latest version of the adware on around 18,000 devices belonging to Avast users located in more than 100 countries, including Russia, Italy, Germany, India, Mexico, the UK as well as some users in the US.

The adware which was first identified by Dr Web, a Russian IT security vendor has said that the adware has been active for last three years and is therefore difficult to completely remove as it is installed within firmware level. Meanwhile, Avast Threats Lab is also in touch with Google and has informed that the search giant has taken steps to mitigate the malicious capabilities of many app variants on several models, using internally developed techniques.

Nikolaos Chrysaidos, Head of Mobile Threat Intelligence and Security at Avast speaking on the latest development said, “Malicious apps can, unfortunately, be installed on firmware level before they are shipped to customers, probably without the manufacturer’s knowledge.”

Hence, users are cautioned to strictly avoid purchasing an uncertified device from unknown OEM to prevent encountering Cosiloon. Moreover, putting one’s personal data into an untrusted device like that is a bad idea for many other reasons. If one is not doing that, there’s no cause for alarm.