Amazon is selling tablets from third-party manufacturers on its website that are preloaded with malware allowing hackers to take control of those devices remotely. The malware-ridden tablets have been purchased by over 17,000 people to date, according to researchers at Cheetah Mobile Security Lab.
The tablets, which are not part of Amazon’s own range of devices, come from budget Chinese tablet manufacturers eager to lure those looking for a bargain by offering the devices for as little as $40.
The researchers found the malware — a Trojan horse called Cloudsota — preinstalled on certain Android tablets, enables remote control of the infected devices and conducts malicious activities without user consent. The researchers said they are confident the hackers behind the Cloudsota malware are in China, as the tablets are manufactured there and much of the code is written in Chinese.
Amazon has yet to respond to a request for comment from International Business Times about these tablets. There are many negative reviews of the tablets on the website that make mention of the malware being preinstalled, and yet many of the infected tablets remain on sale.
Those controlling the compromised tablets can install adware or malware on the devices and uninstall anti-virus applications silently. According to the Cheetah Mobile researchers: “With root permission, it is able to automatically open all installed applications. Furthermore, we found that the Trojan replaces the boot animation and wallpapers on some devices with advertisements. Cloudsota also changes the browser’s homepage and redirects search results to strange ad pages.”
The malware-infected tablets are now distributed in 153 countries around the world, with 30 different brands affected, though Cheetah Mobile says the problem could be much worse. The most affected countries, according to Cheetah Mobile’s research, include the U.S., Mexico and Turkey. It is unclear at what point the malware was installed on the devices and whether this was done with or without the manufacturer’s knowledge.
For customers who have already bought the devices, the researchers have published a guide on how toremove the malware.