Android Trojan Detected On Philips s307 Smartphone
In a previous year, so many firmware Trojan for the android phone were identified which possess the capability of downloading and installing various software and displaying annoying advertisements.
"Android.Cooee.1" is one of them which incorporated into the graphical shell of some cheap Chinese smartphones. Doctor Web security researchers detected the Trojan on the firmware of a well-known electronics manufacturer.
Doctor Web: It is a 100% Russian company whose goal is to develop the highest grade anti-virus protection, providing an insuperable barrier to all present-day and future computer threats without exception.
Previously it has been discovered on the Oysters T104 HVi 3G tablet, and G DATA found malware pre-installed on the firmware of 23 Android smartphone models by Dr. Web.
Android.cooee.1: It is a firmware Trojan for android devices that contains some unique modules responsible for showing advertisements. The recent cases of android firmware prove that cyber-criminals activity is increasing as it was detected on Philips s307.
It is capable of displaying advertisements in the status bar, in full screen, or on top of running applications along with it can show video ads and animation on the home screen.
Trojan starts performing its activities after some time not exactly after the first running of the system. It starts displaying advertisements which are unnoticed by the owner of the infected device because it seems to them that advertisements are shown by applications that were installed during device usage.
The software that is downloaded by this malware is installed without user knowledge. It downloads malicious applications like SMS and downloader Trojans and even banking Trojans that can covertly steal money from users’ bank accounts.
As this malware is incorporated into the firmware, You can’t get rid of the Trojan by restoring default settings of the device. But if you gain root privileges then it may be possible solutions but it will render the device “dead”. So, if the user removes the graphical shell containing Android.Cooee.1, next time the device is turned on, the operating system will not load because the launcher program,that contains the Trojan, is responsible for the normal system loading.
So, before uninstalling the malicious launcher, users are recommended to install some other launching application and set it as default. Your official manufacturer’s warranty becomes invalid if you have a root privileges and due to which there is high-risk of making the device non-operational.
So, contact the manufacturer of the device and ask them to release a firmware update without the Trojan as a solution.