This hardware is mainly cheapo Android mobile devices, though smartwatches, TVs, and other things are caught up in it.
The gadgets have their manufacturing outsourced to an original equipment manufacturer (OEM).
That outsourcing makes it possible for someone in the manufacturing pipeline – such as a firmware supplier – to infect products with malicious code as they ship out, the researchers said.
This has been going on for a while, we think; for example, we wrote about a similar headache in 2017.
The Trend Micro folks characterized the threat today as “a growing problem for regular users and enterprises.” So, consider this a reminder and a heads-up all in one.
“What is the easiest way to infect millions of devices?” posed senior Trend Micro researcher Fyodor Yarochkin, speaking alongside colleague Zhengyu Dong at the conference in Singapore.
Yarochkin compared infiltrating devices at such an early stage of their life cycle to a tree absorbing liquid: you put the infection at the root, and it gets distributed everywhere, out to every single limb and leaf.
Full Link ( Here )
© CopyRights RawNews1st
