It’s about three years ago that the malware was detected, however, was later found to have evolved. Now Google has confirmed that several Android devices had come with pre-installed backdoors right out of the box.
It was in 2016 when it was first reported by the Russia based cyber security provider Kaspersky Lab that the malware called Triada was initially a Trojan that had been obtained root privileges and displayed pushy ads on a user’s phone. At that time Google virus analysts managed to clean out from all Android devices, although in 2017 summers it became clear that Triada had advanced from a rooting Trojan into a pre-installed Android framework.
As per Russian anti-malware company Doctor Web, the latest and more elusive as well as the sophisticated iteration of the virus was embedded into the source code of the system library on Android phones. It can prove to be more dangerous and capable of smuggling many Trojan modules into the procedures of any application. They are dangerous as they can steal personal data from bank applications or else intercept correspondence on social media. The new Trojan was now installed deep in the system segment, and it became impossible to get rid of it with special apps. However, the only method to remove it is to erase the phone as well as install clean firmware.
As per Lukasz Siewierski from the Android security as well as privacy group Triada was pre installed throughout the production process only. He also supposed that a vendor utilizing the name Yehuo or Blazefire which offered extra features to the original manufacturer had been delivering an infected Android application.
From the blog post, it is still uncertain that which smart phones manufacturers along with which models were affected. Previously Bleeping Computer reported that the virus was there in over 40 models; initially in low cast smart phones sold in China, Poland, Indonesia, Serbia, Kazakhstan and the Czech Republic.
Lukasz Siewierski wrote that ‘we coordinated with the affected OEMs to offer system updates and also to remove traces of Triada. We also scanned for Triada along with same threats on all Android smart phones. OEMs guarantee that all third-party code is reviewed and also can be easily tracked to its source.’