Track Common Adversary Tasks Performed Using Allwinner

To know more about it, you can go through my detailed document by clicking here

Overview

Allwinner is a Chinese company that produces processors for Android and other devices. It has released about 15 SoC processors for use in Android phones, video cameras, car DVRs and similar products. However, according to reports, a Linux kernel it supplied for use in various devices contained a backdoor that allows any installed app full access to the system, which poses a high risk to every device running this kernel.

Types of Attacks

Using this backdoor, an adversary can perform the following tasks:
  • SMS Recording
  • SMS Transmission
  • IMEI Exfiltration
  • IMSI Transmission
  • Call Log Transmission
  • Call Contact Information Transmission
  • Location Collection & Transmission
  • Command Injection
  • Remote User Application Update
  • Remote User Application Install
  • Transmit Installed Applications List
  • Transfer Application Execution Order
  • Programmatic Firmware Update
  • Remote Execution & Privilege Escalation (Without user's consent)
  • Transfer IP Address

Remedy

Because the Linux kernel comes pre-installed on the device, it cannot be removed or disabled easily. To do so effectively, you have to root the device, locate the affected files and disable them; alternatively, you can use other methods available online that address the issue without rooting. Although Allwinner insists that the backdoor may be a remnant of the debugging process carried out during the initial development stages, it can still compromise the device's security significantly. It is therefore still considered a threat and requires everybody's attention.
