Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update

Android smartphones from Gigaset have been infected by malware direct from the manufacturer in what appears to be a supply-chain attack. The Trojan, once downloaded and installed on a victim's device via a poisoned software update from the vendor, is capable of opening browser windows, fetching more malicious apps, and sending …

  1. Andy Non

    "We take the issue very seriously"

    That's all right then.

    1. Anonymous Coward

      Re: "We take the issue very seriously"

      The tech equivalent of "thoughts and prayers."

      1. Short Fat Bald Hairy Man

        Re: "We take the issue very seriously"

        We need to follow the Steve Jobs car model, a new phone every 6 months or so.

        Or stick with the old indestructible Nokia models. I used mine for 10 years, even the battery was okay. A friend, last heard, had his for 11 years. But then, no apps, well actually that looks good!

        1. Anonymous Coward

          Re: "We take the issue very seriously"

          The Android model, you mean? Because if anyone does disposable well, it's the (non-flagship) Android market.

  2. Lorribot

    Have they thought of a free brand new cleansed phone for all affected customers?

  3. Shadow Systems Silver badge

    Turn it off?

    Then how are you supposed to know if/when it's safe to ever turn it back on again? Unless you've got a second device with which to access the internet (not a given) & can look up said device safety status, the customer is now the unfortunate owner of a brick.

    I wish I could say something funny to take the sting out of the situation, but GFDI this is enough to make me wish company execs could be held personally, criminally, financially liable for stuff like this. =-\

    1. Anonymous Coward

      Re: Turn it off?

      I'm sorry, but is this another way of saying your mobile phone is toast? It's bad enough that Android grasses you up everywhere you go. I won't take it anywhere because it logs my movements. Until I can install a new ROM mine is toast!

  4. mark l 2 Silver badge

    I had a similar issue with a Doogee phone a few years ago, and a solution until I found a clean ROM to reflash was to install the Noroot firewall app and then block everything from accessing the internet other than known safe apps. This stopped the malware being able to dial home. And then I was able to disable a couple of the malware apps from running.

    Not ideal, but at least it allowed me to carry on using the phone for non-sensitive use for a while until I could fix it.

  5. Anonymous Coward


    Oh, what a surprise! Gigaset is Chinese owned.

    1. Gene Cash Silver badge

      Re: Surprised?

      C'mon now, an El Reg commentard should know better than an AMP link...

  6. Dave 15

    Remove battery and sim

    Well, today it's possible to get the SIM out. But the battery? I am not familiar with these phones, but in most modern phones the battery is glued in and not removable. Even the crappy Nokia in my hand can't have the battery removed, unlike its better performing, more stable Symbian-based predecessors. My BlackBerry removed various components itself as the battery swelled and unstuck everything. All is built cheaply and nastily in China and sold as a premium though shit product in the west. I had to power cycle the screen while writing this on my noiacrapdroid as the text box froze while typing and switch off and on is the only fix... Shit, total crap, software is no longer tested despite the test harnesses.

  7. Warm Braw Silver badge

    Siemens Home and Office Communications Devices

    Clearly I'm not the only one to have been SHOCD.

