A recent investigation reveals that sophisticated supply-chain malware has been found pre-installed on Android devices during manufacturing and distribution, exposing users to persistent threats before first use. The malicious code operates at a low system level, enabling data exfiltration, command execution, and unauthorized access without triggering typical app-based defenses. Such embedded compromise demonstrates how supply-chain attacks can turn mobile endpoints into long-term footholds for attackers, bypassing standard app-store vetting and user consent mechanisms. With mobile devices serving as key access points for personal and corporate systems, the report underscores the importance of verifying device integrity, enforcing secure boot chains, and monitoring behavior across mobile fleets.