At least 36 high-end smartphone models belonging to popular manufacturing companies such as Samsung, LG, Xiaomi, Asus, Nexus, Oppo, and Lenovo, which are being distributed by two unidentified companies have been found pre-loaded with malware programs.
These malware infected devices were identified after a Check Point malware scan was performed on Android devices. Two malware families were detected on the infected devices: Loki and SLocker.
According to a blog post published Friday by Check Point researchers, these malicious software apps were not part of the official ROM firmware supplied by the smartphone manufacturers but were installed later somewhere along the supply chain, before the handsets arrived at the two companies from the manufacturer's factory.
First seen in February 2016, Loki Trojan inject devices right inside core Android operating system processes to gain powerful root privileges. The trojan also includes spyware-like features, such as grabbing the list of current applications, browser history, contact list, call history, and location data.