• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech

This Counterfeit iPhone Is Riddled With Backdoors and Malware

August 14, 2019

Huawei critics in China inspired by Hong Kong protests

December 13, 2019

US-Taliban talks ‘pause’ after suicide attack on American airbase

December 13, 2019

Take a Closer Look at the adidas YEEZY 700 V3 “Azael”

December 13, 2019

Internet shutdowns are becoming second-nature to the world’s largest democracy

December 13, 2019

Man charged with murder in 2018 fatal stabbing accused of second Lawndale slaying

December 13, 2019

The City Of Fayetteville Honors Fallen Officer Throughout The Week

December 13, 2019

Michelle Obama encourages Greta Thunberg after Trump slams activist

December 13, 2019

What Boris Johnson’s victory means for Brexit

December 13, 2019

188 Democrats join GOP to hand Trump $738 billion military budget that includes ‘space force’

December 13, 2019

Former NBA Commissioner David Stern Suffers Sudden Brain Hemorrhage

December 13, 2019

Tokyo being billed as ‘Recovery Olympics’ — but not for all

December 13, 2019

LAPD officer charged after allegedly fondling a dead woman’s breast

December 13, 2019
DNYUZ
  • Home
  • News
    • All
    • Business
    • Crime
    • Education
    • Environment
    • Opinion
    • Politics
    • Science
    • U.S.
    • World

    Huawei critics in China inspired by Hong Kong protests

    US-Taliban talks ‘pause’ after suicide attack on American airbase

    Take a Closer Look at the adidas YEEZY 700 V3 “Azael”

    Internet shutdowns are becoming second-nature to the world’s largest democracy

    Man charged with murder in 2018 fatal stabbing accused of second Lawndale slaying

    The City Of Fayetteville Honors Fallen Officer Throughout The Week

    Michelle Obama encourages Greta Thunberg after Trump slams activist

    188 Democrats join GOP to hand Trump $738 billion military budget that includes ‘space force’

    LAPD officer charged after allegedly fondling a dead woman’s breast

    New Zealand team recovers 6 bodies from island after volcanic eruption

    Trending Tags

    • Donald Trump
    • Robert Mueller
    • Joe Biden
    • William Barr
    • Elizabeth Warren
    • Bernie Sanders
    • Kamala Harris
    • Nancy Pelosi
    • Alexandria Ocasio-Cortez
  • Tech
    • All
    • Apps
    • Autos
    • Gear
    • Mobile
    • Startup

    What Boris Johnson’s victory means for Brexit

    AT&T launches consumer 5G in 10 cities, but expects only 5GE-like speeds

    AT&T’s low-band 5G network officially launches to all customers in ten cities

    Path of the Warrior is VR’s Streets of Rage, and it’s out now

    Twitter brings back election labels for 2020 US candidates

    T-Mobile CEO says if Sprint deal fails, prices may go up

    S&P 500, Nasdaq at records as hopes build for a trade deal

    You Could Die Today. Here’s How to Reduce That Risk.

    F.T.C. Said to Consider Injunction Against Facebook

    eBay relaunches Motors app with AI and automation at its core

    Trending Tags

    • Google
    • Apple
    • Facebook
    • Twitter
    • Amazon
    • Playstation
    • Gaming
    • Samsung
  • Entertainment
    • All
    • Culture
    • Gaming
    • Movie
    • Music
    • Sports
    • Television
    • Theater

    Former NBA Commissioner David Stern Suffers Sudden Brain Hemorrhage

    Tokyo being billed as ‘Recovery Olympics’ — but not for all

    Boris Johnson, Conservatives win UK election over rival Labour Party

    Former NBA Commissioner Stern has emergency brain surgery

    A ‘Baby Yoda Drinking Soup’ Doll Now Exists, and It’s Too Cute Too Handle

    Cyberpunk 2077’s soundtrack features Grimes, Run the Jewels, and more

    How Many Piercings Does BTS’ J-Hope Have? The Number Will Surprise You

    Olivia Wilde says she doesn’t believe ‘Richard Jewell’ journalist ‘traded sex for tips’

    MLB will test for opioids following death of Tyler Skaggs

    Harry Connick Jr. Broadway Review: A Celebration Of Cole Porter’s Voodoo That Harry Doodoo So Well

    Trending Tags

    • Netflix
    • HBO
    • Hulu
    • Game Of Thrones
  • Lifestyle
    • All
    • Architecture
    • Arts
    • Design
    • Fashion
    • Food
    • Health
    • Photography
    • Travel

    What Boris Johnson’s victory means for Brexit

    Former NBA Commissioner David Stern Suffers Sudden Brain Hemorrhage

    Residential Cruise Ship Cabins On Sale For $350,000, To Travel Around The World

    A ‘Baby Yoda Drinking Soup’ Doll Now Exists, and It’s Too Cute Too Handle

    Social Anxiety Can Make Christmas A Nightmare. Here’s How 3 People Cope

    Federal Watchdog Questions Billions of Dollars Paid to Private Medicare Plans

    ‘Harriet,’ ‘Little Women,’ and ‘Bombshell’: Female Empowerment Through Wardrobe

    You Could Die Today. Here’s How to Reduce That Risk.

    South Carolina Is the 10th State to Impose Medicaid Work Requirements

    Weinstein Lawyer Says 98% of Creditors Agreeing to Settle 

    Trending Tags

    • Mental Health
    • Beauty
No Result
View All Result
DNYUZ
No Result
View All Result
Home News

This Counterfeit iPhone Is Riddled With Backdoors and Malware

August 14, 2019
in News
3 min read
251 3
493
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

Counterfeit smartphones probably aren’t worth the money you’ll save, and researchers say buying them will likely open you up to data breaches, identity theft, or worse.

Last year, Motherboard took a closer look at the counterfeit phone market with the help of Trail of Bits, a security research and consulting firm in New York City. We noted that while you can buy a counterfeit iPhone X for $100, you’re obviously getting a pretty janky (Android-based) facsimile filled with bugs, broken features, and empty promises.

Motherboard’s investigation also found the fake iPhone X was loaded with backdoors and malicious apps, meaning that owning such a device likely resulted in any number of dubious middlemen gaining access to your personal information.

Trail of Bits recently took an even deeper dive into the world of counterfeit smartphones, and found that the privacy and security issues with such phones are even worse than Motherboard’s initial investigation revealed.

This time, the researchers dug deeply into the workings of two bogus devices, a fake iPhone 6 and a fake Samsung S10. Both devices are routinely being sold for around a tenth of their retail price at a wide variety of sketchy online outlets, and both contain severe security vulnerabilities that will put your personal data—and potentially your personal safety—at risk. The external fit and finish do a convincing job making the devices look legit, and even some functionality like haptic feedback and fingerprint sensors work fairly well. Internally, both devices use cheap Chinese hardware running community-built Android-based ROMs, with the S10 using the same native launcher, UI/Icon pack, and theming engine of the original device. But while both devices pretend to be running the latest version of Android Pie 9.0, in reality they were running OS variants like Kitkat 4.4.0. that haven’t seen security updates since 2014. The devices also both run outdated kernels, opening device users to threats patched years ago (like DirtyCow or Towelroot) in the legitimate versions of these devices.

“These counterfeits are undeniably insecure,” the researchers found. “Both lie about their Android versions. The ROM versions used were severely outdated and vulnerable to public exploits, as were their kernels. They include bloatware, like remote debugging services, that enable abuse. This is what you’d expect from a phone that’s built around a volunteer-maintained, outdated Android ROM.”

But in addition to running unsecured hardware and software, the devices also contained a variety of intentional backdoors and malware opening users to even broader threats. For example the fake S10 included a modified SystemUI framework allowing the remote installation of unauthorized .dex files, as well as remote access to logs tracking location data, app installations, and more. The S10 even included a RAT (remote administration tool) disguised as a font extension system service. More simply, when you use these devices you’re effectively opening yourself to a universe of attacks and data breaches from a wide variety of international misfits. “If you’re using counterfeit phones, there’s a high likelihood that it will provide bad actors access to your data by design,” the researchers found. “It is trivial for a counterfeit manufacturer to implant and modify the ROM before distribution. Tracking or detecting either action is impossible for most users.” Users may not even know they’ve got a counterfeit phone if they buy their devices via a third-party vendor on eBay. As such, the researchers suggest only buying your phones from trusted vendors, and being wary of any smartphones received as a gift. “Counterfeit smartphones will continue to evolve in sophistication, performance, and threat to users,” the Trail of Bits researchers warned. “Using them puts your data at risk and may enable abuse of the applications and networks that you access and use.”

The post This Counterfeit iPhone Is Riddled With Backdoors and Malware appeared first on VICE.

Tags: ADAHAppleCounterfeitcounterfeitsiPhone
Share197Tweet123Share35

Trending Posts

Buttigieg and Warren trade words over corporate ties

December 13, 2019

New Zealand military unit recovers 6 bodies days after volcanic eruption

December 13, 2019

Hardware revolution pushes AI into the mainstream

December 13, 2019

Boris Johnson on course for crushing UK election victory

December 12, 2019

When Governments Get Complacent, Anger Rises

December 12, 2019

Copyright © 2019.

Site Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2019.

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In