Another supply-chain attack? Android maker Gigaset injects malware into victims' phones via poisoned update

Wednesday 7th April 2021 21:01 GMT Andy Non

"We take the issue very seriously"

That's all right then.

20 0 Reply
1. Wednesday 7th April 2021 22:17 GMT HildyJ
  
  Re: "We take the issue very seriously"
  
  The tech equivalent of "thoughts and prayers."
  
  26 0 Reply
  1. Thursday 8th April 2021 05:32 GMT Short Fat Bald Hairy Man
    
    Re: "We take the issue very seriously"
    
    We need to follow the Steve Jobs car model, a new phone every 6 months or so.
    
    Or stick with the old indestructible Nokia models. I used mine for 10 years, even the battery was okay. A friend, last heard, had his for 11 years. But then, no apps, well actually that looks good!
    
    12 0 Reply
    1. Friday 9th April 2021 02:15 GMT Anonymous Coward
      
      Re: "We take the issue very seriously"
      
      The Android model, you mean? Because if anyone does disposable well, its the (non flagship) Android market.
      
      1 0 Reply
Wednesday 7th April 2021 21:41 GMT Lorribot

Have they thought of a free brand new clensed phone for all affected customers?

9 1 Reply
Wednesday 7th April 2021 21:43 GMT Shadow Systems

Turn it off?

Then how are you supposed to know if/when it's safe to ever turn it back on again? Unless you've got a second device with which to access the internet (not a given) & can look up said device safety status, the customer is now the unfortunate owner of a brick.

I wish I could say something funny to take the sting out of the situation, but GFDI this is enough to make me wish company execs could be held personally, criminally, financially liable for stuff like this. =-\

11 0 Reply
1. Sunday 11th April 2021 07:28 GMT JimPoak
  
  Re: Turn it off?
  
  I'm sorry but is this another way of say your mobile phone is toast. It's bad enough that android grasses you up every ware you go. I won't take it anywhere because it logs my movements. Until I can install a new ROM mine is toast!.
  
  0 0 Reply
Wednesday 7th April 2021 21:47 GMT mark l 2

I had a similar issue with a Doogee phone a few years ago, and a solution until I found a clean ROM to reflash was to install the Noroot firewall app and then block everything from access the internet other than known safe apps. This stopped the malware being able to dial home. And then I was able to disable a couple of the malware apps from running.

Not ideal but at least it allowed me to carry on using the phone for none sensitive use for a while until i could fix

6 0 Reply
Wednesday 7th April 2021 23:21 GMT Anonymous Coward

Surprised?

Oh, what a surprise! Gigs set is Chinese owned. https://www.google.com.au/amp/s/www.archyde.com/gigaset-owner-from-china-is-fighting-for-his-fortune/amp/

2 8 Reply
1. Wednesday 7th April 2021 23:57 GMT Gene Cash
  
  Re: Surprised?
  
  C'mon now, an El Reg commentard should know better than an AMP link...
  
  11 0 Reply
Thursday 8th April 2021 04:58 GMT Dave 15

Remove battery and sim

Well today it's possible to get the SIM out. But the battery? I am not familiar with these phones but most modern phones the battery is glued in and not removable. Even the crappy Nokia in my hand can't have the battery removed unlike it's better performing more stable symbian based predecessors. My blackberry removed various components itself as the battery swelled and unstuck everything. All is built cheaply and nastily in China and sold as a premium though shit product in the west. I had to power cycle the screen while writing this on my noiacrapdroid as the text box froze while typing and switch off and on is the only fix... Shit, total crap, software is no longer tested despite the test harnesses

11 0 Reply
Thursday 8th April 2021 09:38 GMT Warm Braw

Siemens Home and Office Communications Devices

Clearly I'm not the only one to have been SHOCD.

7 0 Reply