Security researchers have found malware and ransomware pre-installed on 38 Android devices.

The infection of these 38 Android devices from two unidentified companies left the researchers perplexed. These apps were present even before the users received the device, according to the Mobile Threat Prevention team of Check Point.

Like Us on Facebook

A blog post by the researchers on Friday said the devices came from a multinational technology company and a large telecommunication company. The malware and ransomware are not part of the official ROM of the device but were added later on in the supply chain. Some malware was found installed by a malicious actor on six devices with the use of system privileges. In this case, the users cannot uninstall the application, and the device needs to be reflashed.

Researchers pointed out that the malware installed generally steals the user's personal information, and has rough ad networks like the Slocker; mobile ransomware. It demands ransom in exchange for a decryption key. Slocker also uses Tor as means of communication so that the operator cannot trace it.

Loko is another complex and powerful malware installed on the infected Android devices. It produces its revenue and makes illegitimate ads to steal the data and allow itself to take full control of the device.

When the malware is installed on a device, the security of the users is compromised. Those who received the 38 Android devices with pre-installed malware and ransomware would not notice any changes in the activity of the phone, the researchers from Check Point noted.

The Mobile Threat Prevention team is seeking to raise awareness about this serious mobile security threat. Users are advised to avoid visiting suspicious websites and download applications only from trusted app stores.