A report made by Avast this morning delivered a list of devices with malware right out the box. I’d love to say this was a surprise, but it wasn’t. Devices on the list published by Avast come from brand we’ve known to do devious deeds in the past. Let’s take a look at this list and discuss why these brands need to be avoided and/or shut down by consumers completely.
The culprit in this list’s case goes by the name “Cosiloon.” It’s adware, which means it’s delivering ads to the end user in places they’d not normally see ads. In this case, it means advertisements are appearing over the Google Play app store and Google Chrome – and it’s not really Google’s fault.
The vast majority of the devices on the list are NOT Google certified. That means that Android was loaded to these devices without Google. That’s completely legal, as Android is an open source piece of software. It’s through Google Certification that manufacturers get Google’s stamp of approval and GENUINE access to the Google Play app store.
NOTE: Google Play, Google Chrome, and a whole bunch of other Android apps can be side-loaded to devices without Google’s consent. Google doesn’t allow Google Play to be side-loaded like this legally. Part of the malicious bit of this list is the illegally modified nature of the apps loaded to these devices.
I have NO IDEA how the very few Google Certified devices on this list made it through the approval process. Unless they loaded additional software to these devices AFTER Google took a peek. But who knows? What’s important right now is the track record of the manufacturers on this list.
The full list can be found over at Google Docs in a document created by Avast. “This list contains only devices that had more than 10 unique users in last month,” said Avast. “There is about 800 more device types that had less. The list is sorted by the amount of detections.”
Brands that stick out to my eyes:
You won’t find the name MediaTek there on the list, but as Avast suggested this morning, most if not all of the devices on the list run a MediaTek processor. “The list is likely so extensive because the malware was part of a chipset platform package which is reused for many similar devices with different brand names,” said Vojtech Bocek of Avast Software. “We cross-checked many, but not all of the devices, and noticed that the chipset on the devices we inspected was from MediaTek.”
Keep an eye on these brands and ask yourself more than once: Archos, ZTE, where have I heard those names before? Oh that’s right, I saw on SlashGear that they served AdUps malware to their users in phones and tablets. Better be cautious.