Of course, this malware is affected by many smart phones manufactured by Chinese companies and on top of it. The researchers found that these phones contain this malicious software in advance and are phones from Huawei, OPPO, VIVO and other Chinese companies. So far, the only thing shared by infected devices is that they were all shipped by a Chinese distributor known as Tian Pai. It is not currently known whether the distributor has any responsibility for this.
How does RottenSys work?
Researchers at the Check Point Mobile Security Team, which revealed RottenSys, said that the malicious virus pre-installed on the devices is a very dangerous malware that can get most of the permissions of the Android system that will later allow hackers behind the virus to perform a variety of suspicious tasks on phones Smart affected. To avoid any suspicion, this virus is hidden as a Wi-Fi application and does not appear to be anything serious at first glance. Also, in order to remain hidden and undetected, it does not initially do anything harmful or suspicious within the target device. RottenSys activity has been delayed to avoid detection. Once RottenSys is activated, it connects to the intruder's servers.
What are the uses of this malicious code?
Currently, according to cyber security experts, RottenSys is used primarily to display ads and pop-ups on screens of affected devices. With this illegal ad campaign, malware developers can make a big profit by applying the pay-per-click form. However, this usage is not the only problem with RottenSys. The researchers cautioned that since malware can download other components on affected machines without requiring permission from the user, the virus may be used in a variety of other, more harmful ways.
Moreover, there is already information that many Android smartphones have already been made part of the massive robots under the control of malware. Because of the wide-ranging capabilities of the virus and the extensive benefits it can acquire on infected devices, there are many different ways in which it can be exploited in the future. Therefore, experts recommend the owners of smartphones from the above brands that were purchased during the past two years to check their application managers and if they contain one of the following applications you should remove them.
com. android.services.securewifi (系统 WIFI 服务)
com. android.yellowcalendarz (每日 黄 历)
com. system.service.zdsgt
com. changmi.launcher (畅 米 桌面)
Currently, according to cyber security experts, RottenSys is used primarily to display ads and pop-ups on screens of affected devices. With this illegal ad campaign, malware developers can make a big profit by applying the pay-per-click form. However, this usage is not the only problem with RottenSys. The researchers cautioned that since malware can download other components on affected machines without requiring permission from the user, the virus may be used in a variety of other, more harmful ways.
Moreover, there is already information that many Android smartphones have already been made part of the massive robots under the control of malware. Because of the wide-ranging capabilities of the virus and the extensive benefits it can acquire on infected devices, there are many different ways in which it can be exploited in the future. Therefore, experts recommend the owners of smartphones from the above brands that were purchased during the past two years to check their application managers and if they contain one of the following applications you should remove them.
com. android.services.securewifi (系统 WIFI 服务)
com. android.yellowcalendarz (每日 黄 历)
com. system.service.zdsgt
com. changmi.launcher (畅 米 桌面)
