Gigaset Handsets Infected With a New Android Malware Via an In-Built App

New Android malware is found to be infecting the Gigaset handsets in Germany, through an inbuilt System Update app. Infected users are seeing the trojan sending messages from regular SMS and WhatsApp, and also redirecting users to malicious game pages to download additional malware. This was confirmed by Gigaset to be a problem from their side and rectified.

Gigaset Handsets Infected With a New Malware

Gigaset Handsets Infected With a New Android Malware Via an In-Built App

A majority of Gigaset phones and some from Siemens and Alps are reported to have been infected with a new Android malware, that’s performing malicious activity in victim’s handsets. As initially reported by Günter Born last week and later covered by Malwarebytes, the System Update is the root cause of all these.

The inbuilt app (com.redstone.ota.ui) is meant for procuring the latest system updates for the handsets from the OEM and even has an auto-installation (Android/PUP.Riskware.Autoins.Redstone) functionality. This said it’s reportedly installing three variants of a trojan (Trojan.Downloader.Agent.WAGD), that can perform sending SMS and WhatsApp texts and redirecting users to malicious game websites to download similar malware apps.

Affected handsets are noted to be of Gigaset GS270, Gigaset GS160, Siemens GS270, Siemens GS160, Alps P40pro, and Alps S20pro+. Messages sent through WhatsApp are aimed at spreading the malware to others. And when checked with Gigaset, the company has confirmed the malware infections as their fault and revealed that’s happening because of a hacked server.

An update server that’s linked to these System Update apps of various devices was hacked, and been used for spreading malware. The issue has been fixed now and a patched update is about to be pushed soon, said Gigaset to Günter Born.

Other Trending News:-  News

LEAVE A REPLY

Please enter your comment!
Please enter your name here