The thumb-rule to avoid malware on any device is to stay away for sketchy websites and apps. However, what do you do when the malware comes built-in on the device? According to a new report, a handful of Android devices have been coming with an adware pre-installed on their system. Most of the devices belong to smartphone makers such as ZTE, Archos, and myPhone that are uncertified by Google.
Avast Threat Labs was the first to report the malware, which it claims goes by the name of “Cosiloon”. Avast identified that the malware is not really installed on the phone but comes with a “dropper” program that is integrated within the device’s firmware. These programs then reach out to the server and download the payload, once the device is connected to the internet.
After being affected, users will start seeing ads from Google, Facebook and Baidu ad frameworks, while using various apps on the smartphone. The ads are in reference to a sketchy game and will appear right in the middle or at the bottom of the display as a banner. The ads are difficult to avoid and the fact that the adware is integrated with the device’s firmware, makes them difficult to remove. According to Avast, the countries that are affected by the malware are Russia, Italy, Germany, the United Kingdom, Ukraine, Portugal, Venezuela, Greece, France, and Romania.
Watch: Huawei P20 Pro Review
Servers carrying the Cosiloon adware were detected and disabled on request by Avast. However, they were quickly restored using a different provider. This means that the adware is still being distributed to the devices. Avast suggested that the best way to get rid of the adware is by going into the device’s settings app and then disabling the dropper from there. If the payload has already been downloaded, then an Antivirus can be used to uninstall it after the disabling the dropper.