Researchers over at Check Point Security have discovered a severe infection in 38 Android devices which came pre-installed, belonging to a large telecommunications company, as well as a multinational technology firm.

According to the security firm, the malware arrived before users turned on their handsets for the first time. "The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain," the report stated. It affected many devices from various brands, which include the following:

Samsung Galaxy Note2

LG G4

Samsung Galaxy S7

Samsung Galaxy S4

Samsung Galaxy Note4

Samsung Galaxy Note5

Xiaomi Mi 4i

Xiaomi Redmi

ZTE X500

Samsung Galaxy Note3

Samsung Galaxy Note Edge

Samsung Galaxy Tab S2

Samsung Galaxy A5

Vivo X6 Plus

Asus Zenfone 2

Lenovo S90

Oppo R7 Plus

Oppo N3

Lenovo A850

Most of the malware found pre-installed on affected devices were information stealers and rough ad networks, which included a ransomware called Slocker. This crypto-malware uses AES encryption algorithm to lock a victim's files, and then demands money in exchange of unlocking them.

Check Point notes that the most notable rough adnet to target the devices is the Loki malware. "The malware displays illegitimate advertisements to generate revenue," says the security firm. "As part of its operation, the malware steals data about the device and installs itself to system, allowing it to take full control of the device and achieve persistency."

While it is of course advised to be wary of where we download our apps, it is noted that pre-installed malware is a completely different problem to tackle. Check Point expounds further:

Pre-installed malware compromise the security even of the most careful users. In addition, a user who receives a device already containing malware will not be able to notice any change in the device’s activity which often occur once a malware is installed. The discovery of the pre-installed malware raises some alarming issues regarding mobile security. Users could receive devices which contain backdoors or are rooted without their knowledge.

Those who are interested in knowing more regarding the malware and the affected devices can check out the source link. Also, it is advised to utilize advanced security software which is capable of detecting and blocking malicious software, like Lookout or Malwarebytes Anti-Malware, which can help prevent malicious attacks in the long run.

Source: Check Point Security via The Independent