Low-Priced Android Phones Shipped with Pre-installed ‘Cosiloon’ Malware, Says Avast


Are you thinking about settling for a cheaper Android phone? You might want to reconsider this decision. A study conducted by Avast Threat Labs reports that several Android devices are shipped with malware pre-installed on them.

The report says that more than 100 countries, including the US, Russia, and the UK have been affected by the adware and malware which is carried by hundreds of such low-cost Android devices, which includes manufacturers like ZTE, myPhone, and Archos.

This adware called “Cosiloon” has been active for three years and was first spotted by Dr. Web in 2016. Also, removing it is extremely difficult since the adware is seated in the device’s firmware.

So far, Avast has found its presence across 18,000 of its user devices. Google has been informed about the malware by Avast, and the tech giant has “taken steps to mitigate the malicious capabilities of many app variants on several device models, using internally developed techniques.”

Tweaks have been done in Google Play Protect to make sure that apps with such malware are not rolled out in future. Google has also contacted the firmware developers and has urged them to take the necessary actions to address the issue.

The adware causes a plethora of popup ads to feature in user’s browser and thus obscure the screen. The malware has two major parts: Dropper and Payload.

In the report by Avast, two variants of droppers have been identified for delivering the trouble-causing payloads in the smartphones.

More than 100 payloads have been found in the affected devices; out of which only two are visible as apps on the home screen. One payload was hidden in the app named ‘Goolge Contacts’. Other variants of the payload were found in the system application list with names such as “MediaService”, “VPlayer” and “eVideo2Service”.

If you fall into the category of affected users, you can download Avast antivirus, or you can refer the official blog post by Avast.

Also Read: FBI: Reboot Your Router Now To Fight Malware That Affected 500,000 Routers
Anmol Sachdeva

Anmol Sachdeva

Anmol is a tech journalist who handles reportage of cybersecurity and Apple and OnePlus devices at Fossbytes. He's an ambivert who is striving hard to appease existential crisis by eating, writing, and scrolling through memes.
More From Fossbytes

Latest On Fossbytes

Find your dream job