Shanghai Tongjue Network Technology Co. Ltd.

June 25, 2019

Tracing the Supply Chain Attack on Android

This post was originally published on this siteEarlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices. Google didn’t exactly name those responsible, but said it believes the offending vendor uses the nicknames “Yehuo” or “Blazefire.” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. “Yehuo” (野火) is Mandarin for “wildfire,” so one might be forgiven for concluding that Google was perhaps […]