Researchers at Check Point have identified a new type of mobile adware, called RottenSys, that has infected nearly 5 million devices since 2016. The application disguises itself as a “System Wi-Fi Service” on the Android OS and was likely inserted on the devices before they were purchased. The package has the ability to participate in advertisement activities and also has the ability to spy on many applications within the phone. The distributor that initially appears responsible for delivering the phones is Tian Pai, a Chinese based entity.
Technical analysis of application – https://research.checkpoint.com/rottensys-not-secure-wi-fi-service/
Proficio Threat Intelligence Recommendations:
- Be cautious of using phones for business purposes that are from the Chinese distributors that are listed in the above article.