[新聞] 某些高階手機在供應鏈裡被植入了病毒
The Hacker News新聞原文:https://goo.gl/3wGHsE
Checkpoint資安公司的原文:https://goo.gl/QopCHu
大意就是部分手機在供應鏈裡面被植入了病毒
包含一個會顯示廣告、竊取手機個資的病毒 Loki
以及一個加密病毒 會跟你要錢的 Slocker
由於病毒已經獲得了root權限 因此可以為所欲為
被發現預植的手機包括:
LG G4
Nexus 5
Nexus 5X
Galaxy S4
Galaxy S7
Galaxy Note 2
Galaxy Note 3
Galaxy Note 4
Galaxy Note 5
Galaxy Note Edge
Galaxy A5
Galaxy Tab S2
Galaxy Tab 2
Asus Zenfone 2
Xiaomi Mi 4i (小米4i)
Xiaomi Redmi (紅米)
ZTE x500
Oppo N3
Oppo R7 plus
Vivo X6 plus
Lenovo S90
Lenovo A850
完整的表格在這裡(字很小)
依序是App名稱 SHA雜湊 以及宿主
http://i.imgur.com/6ltD67b.jpg
解毒的方法包括重新flash原廠的韌體
或者是取得root權限後解除安裝那些App
最後強調一下
大家不必驚慌 不必驚慌 不必驚慌
很重要 要說三次
這些手機都不是在出廠時就被植入的
而是在運輸過程中(原廠→→→消費者)受害的
由於原文沒有提到受害者的分佈
(雖然有Vivo來看 我認為是大陸所為)
因此無法猜測是否會影響到臺灣
謝謝大家
--
※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 140.112.241.89
※ 文章網址: https://www.ptt.cc/bbs/MobileComm/M.1489253486.A.501.html
推
03/12 01:35, , 1F
03/12 01:35, 1F
→
03/12 01:35, , 2F
03/12 01:35, 2F
推
03/12 01:36, , 3F
03/12 01:36, 3F
推
03/12 01:36, , 4F
03/12 01:36, 4F
推
03/12 01:37, , 5F
03/12 01:37, 5F
推
03/12 01:39, , 6F
03/12 01:39, 6F
推
03/12 01:39, , 7F
03/12 01:39, 7F
→
03/12 01:40, , 8F
03/12 01:40, 8F
→
03/12 01:40, , 9F
03/12 01:40, 9F
推
03/12 01:40, , 10F
03/12 01:40, 10F
→
03/12 01:41, , 11F
03/12 01:41, 11F
→
03/12 01:41, , 12F
03/12 01:41, 12F
→
03/12 01:41, , 13F
03/12 01:41, 13F
→
03/12 01:41, , 14F
03/12 01:41, 14F
推
03/12 01:43, , 15F
03/12 01:43, 15F
→
03/12 01:43, , 16F
03/12 01:43, 16F
抱歉沒有說清楚
資安公司的聲明說目前並不清楚是在哪個環節出錯
(有說是某兩間公司所為 但是沒有公布)
有可能是通路商沒錯 因為出廠時是沒問題的
影響地區未知
ROM是原廠的 只是多了幾個有毒的App
表格裡面確實能發現病毒假造成正常App的情況
所以表格有附上SHA雜湊值來判別
平常安裝的話不用擔心 但是手機要是買來就附Minecraft PE的話就要當心了
→
03/12 01:44, , 17F
03/12 01:44, 17F
推
03/12 01:45, , 18F
03/12 01:45, 18F
推
03/12 01:47, , 19F
03/12 01:47, 19F
→
03/12 01:47, , 20F
03/12 01:47, 20F
→
03/12 01:47, , 21F
03/12 01:47, 21F
推
03/12 01:49, , 22F
03/12 01:49, 22F
→
03/12 01:49, , 23F
03/12 01:49, 23F
→
03/12 01:50, , 24F
03/12 01:50, 24F
→
03/12 01:50, , 25F
03/12 01:50, 25F
因為文章並沒有表示清楚 所以我寫未知 若覺得不妥的話我來改一下 謝謝~
推
03/12 01:51, , 26F
03/12 01:51, 26F
→
03/12 01:51, , 27F
03/12 01:51, 27F
瞭解 已修正 抱歉造成誤解
推
03/12 01:54, , 28F
03/12 01:54, 28F
原文也沒說明清楚QQ
推
03/12 01:55, , 29F
03/12 01:55, 29F
→
03/12 01:55, , 30F
03/12 01:55, 30F
→
03/12 01:55, , 31F
03/12 01:55, 31F
→
03/12 01:55, , 32F
03/12 01:55, 32F
噓
03/12 01:56, , 33F
03/12 01:56, 33F
※ 編輯: tom282f3 (140.112.241.89), 03/12/2017 01:56:53
→
03/12 01:57, , 34F
03/12 01:57, 34F
還有 37 則推文
推
03/12 09:17, , 72F
03/12 09:17, 72F
推
03/12 09:54, , 73F
03/12 09:54, 73F
推
03/12 09:54, , 74F
03/12 09:54, 74F
推
03/12 10:00, , 75F
03/12 10:00, 75F
→
03/12 10:00, , 76F
03/12 10:00, 76F
→
03/12 10:00, , 77F
03/12 10:00, 77F
推
03/12 10:04, , 78F
03/12 10:04, 78F
→
03/12 10:05, , 79F
03/12 10:05, 79F
噓
03/12 10:23, , 80F
03/12 10:23, 80F
→
03/12 10:23, , 81F
03/12 10:23, 81F
推
03/12 10:42, , 82F
03/12 10:42, 82F
噓
03/12 10:45, , 83F
03/12 10:45, 83F
推
03/12 11:05, , 84F
03/12 11:05, 84F
推
03/12 11:22, , 85F
03/12 11:22, 85F
推
03/12 11:31, , 86F
03/12 11:31, 86F
推
03/12 11:32, , 87F
03/12 11:32, 87F
→
03/12 11:32, , 88F
03/12 11:32, 88F
噓
03/12 11:35, , 89F
03/12 11:35, 89F
噓
03/12 11:40, , 90F
03/12 11:40, 90F
推
03/12 11:42, , 91F
03/12 11:42, 91F
噓
03/12 11:50, , 92F
03/12 11:50, 92F
推
03/12 11:53, , 93F
03/12 11:53, 93F
推
03/12 12:08, , 94F
03/12 12:08, 94F
噓
03/12 12:12, , 95F
03/12 12:12, 95F
推
03/12 12:31, , 96F
03/12 12:31, 96F
噓
03/12 12:36, , 97F
03/12 12:36, 97F
推
03/12 12:41, , 98F
03/12 12:41, 98F
推
03/12 12:59, , 99F
03/12 12:59, 99F
推
03/12 13:29, , 100F
03/12 13:29, 100F
推
03/12 13:32, , 101F
03/12 13:32, 101F
推
03/12 13:59, , 102F
03/12 13:59, 102F
→
03/12 14:00, , 103F
03/12 14:00, 103F
→
03/12 14:24, , 104F
03/12 14:24, 104F
推
03/12 14:37, , 105F
03/12 14:37, 105F
推
03/12 15:00, , 106F
03/12 15:00, 106F
推
03/12 16:54, , 107F
03/12 16:54, 107F
推
03/12 18:51, , 108F
03/12 18:51, 108F
→
03/13 14:48, , 109F
03/13 14:48, 109F
→
03/13 14:48, , 110F
03/13 14:48, 110F
→
03/18 08:59, , 111F
03/18 08:59, 111F