A massive campaign has been discovered in which millions of smartphones worldwide were distributed with preinstalled malware known as “Guerrilla”. The group behind the campaign is tracked by the cybersecurity firm as Lemon Group. The malware was found on a wide range of devices, including popular brands such as Samsung, Xiaomi, Oppo, Vivo, and Realme. It operates as a dropper, allowing attackers to remotely install additional malicious apps on the infected devices. The researchers believe that the campaign originated in Vietnam and suspect that it could be linked to a state-sponsored group. The malware’s primary purpose appears to be ad fraud, generating revenue for the attackers by displaying unwanted ads and automatically clicking on them. The discovery highlights the significant risks posed by preinstalled malware and the importance of device security and vigilance from both manufacturers and users.
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.