Tag: Alldocube iPlay 50 Mini Pro

  • Alldocube Finds Security Flaws in Tablets, Promises OTA Fixes

    Alldocube Finds Security Flaws in Tablets, Promises OTA Fixes

    Key Takeaways

    1. Researchers from Kaspersky Labs discovered Keenadu malware that embeds itself in device firmware, accessing personal files and banking information without user alert.
    2. Keenadu was primarily used for ad fraud and was found in multiple apps on the Google Play Store, leading to their removal.
    3. Alldocube acknowledged the risk to older devices, including the Alldocube iPlay 50 Mini Pro tablet, and plans to release software updates for vulnerable models.
    4. Affected devices will receive OTA firmware updates by March 5, 2026, and Alldocube will conduct independent audits for security verification.
    5. Alldocube aims to implement internal reviews and preventive strategies to address vulnerabilities in the supply chain and enhance future security.

    Less than a week ago, a surprising finding was shared by researchers from Kaspersky Labs. They discovered Keenadu, a type of malware that can embed itself within a device’s firmware. This malware has the ability to access system information, which includes personal files, banking information, and even the installation of applications without alerting the user.

    Ad Fraud Connection

    Fortunately, it turns out that Keenadu was primarily used for ad fraud. This harmful malware was detected in various applications found in the Google Play Store, which have since been removed. According to the researchers, the malware was present in numerous devices, including the Alldocube iPlay 50 Mini Pro gaming tablet. Previously, the company had also reportedly experienced a significant breach impacting its OTA update servers.

    Alldocube’s Response

    In response to these allegations, Alldocube has stated that they take these matters very seriously and will be releasing software updates for some older devices that are vulnerable. The company has essentially acknowledged that a considerable number of older devices are at risk, many of which are still being used and may have been compromised.

    As confirmed by Alldocube, the devices impacted have been listed below:

    Devices considered to be in no immediate risk, as per Alldocube’s investigations, can be found in the documents above. Alldocube has assured that OTA firmware updates will be available by March 5, 2026, for the affected devices and also plans to conduct independent audits to verify the security and safety standards of the new firmware.

    Future Preventative Measures

    Additionally, the company has mentioned that it will carry out internal reviews and implement preventive strategies to avoid such serious situations in the future. They indicated that these vulnerabilities arose due to security issues in the supply chain, although they did not provide further details on this matter.

    Source:
    Link

     

    Tags: , ,
  • Pre-installed Malware on Android Can Steal Your Private Data

    Pre-installed Malware on Android Can Steal Your Private Data

    Key Takeaways

    1. Keenadu Malware: A new malware named Keenadu can be pre-installed on Android devices and infiltrates OTA upgrade packages.

    2. Device Access Risks: The malware can grant attackers full access to system data, personal files, and install apps without user consent, primarily used for ad fraud.

    3. Limited Activation: Keenadu does not activate in Chinese time zones or if the Google Play Store is absent, hinting at its origins.

    4. Affected Devices: The malware has been detected on various devices, including the Alldocube iPlay 50 Mini Pro, with over 13,000 victims reported mainly in Japan, Russia, the Netherlands, Germany, and Brazil.

    5. Recommended Action: If affected, users should consider replacing their device with one from a reputable manufacturer, as the malware embeds deeply in the firmware, making removal difficult.

    Courtesy of diligent security experts, unaware users can frequently learn about security vulnerabilities hiding in their smart gadgets. A team from Kaspersky Labs has uncovered new malware that, surprisingly, can sometimes be pre-installed on contemporary Android devices.

    What is Keenadu?

    Named Keenadu, this advanced malware can infiltrate OTA upgrade packages, allowing it to sneak into the firmware of compromised devices. It can also find its way onto devices through dubious unofficial app installers and, on occasion, even through the legitimate Google Play Store.

    The Threat it Poses

    This malware is not to be taken lightly; it can potentially grant full device access to those with malicious intent. According to Kaspersky, this includes access to system data, personal files, and sensitive information, as well as the ability to install applications without the user’s approval. Curiously, it seems the malware has only been used so far for ad fraud.

    Some apps that have been found infected by Kaspersky are shown in the image below:

    Origins and Implications

    Regarding the malware’s origins, there is no solid information available. Researchers discovered it does not activate if it senses Chinese time zones or location, and also if the Play Store is absent on the device. While we are not making any assertions, it’s worth noting that the Google Play Store does not function in China.

    The malware was detected in various devices, including the Alldocube iPlay 50 Mini Pro. Alldocube is also from China and has previously acknowledged issues with compromised OTA update channels, as reported by BleepingComputer.

    Currently, Kaspersky has reported that the “Keenadu” malware has impacted over 13,000 victims, primarily in Japan, Russia, the Netherlands, Germany, and Brazil.

    What to Do if Affected

    Unfortunately, if a user becomes a victim of such an attack, the most advisable step appears to be replacing the device with one from a more reputable manufacturer. This is due to the fact that the malware embeds itself so “deeply” into the firmware of a device, making it nearly impossible to eliminate. While acquiring firmware from a different source may be an option, it carries its own risks, such as compatibility issues.

    Source:
    Link

     

    Tags: , ,