# ** Revealing “heavenly” about millions of smartphones containing malicious code ** ## **About 9 million smartphones (smartphones) have been pre-installed with malicious code before reaching users in many parts of the world The above information is provided by The Register, citing security experts at Trend Micro of Japan. Experts revealed the above “heavy” information right at the Black Hat Asia Security Conference that took place in Singapore. “We have discovered a hacker attack targeting components supply chains to install malicious code into hardware-hosted programs that control the behavior of components and devices. These components are used for low-cost models (smartphones)(https://www.24h.com.vn/smartphone-c407e4053.html) running on the platform (Android)(https http://www.24h.com.vn/android-c407e4051.html) – which means that these smartphone models have been infected with malicious code before being shipped and delivered to users” – an expert at security research firm Trend Micro emphasize. These types of pre-installed malware on smartphones can collect a lot of information from the device such as the user’s location, read SMS text messages, hijack emails or social network accounts. Information stolen by malicious code will be sold by hackers to make a profit or take advantage of users’ smartphones to click on ads to gain illicit profits. Because malicious code is installed directly into the smartphone’s firmware, it is difficult to remove it from the device. Trend Micro did not disclose the names of affected smartphone manufacturers, but said that malicious code was detected in the products of “about 10 low-cost smartphone manufacturers”. “We estimate that about 9 million smartphones contain malicious code before reaching users, mainly products sold in Southeast Asian and Eastern European markets. The infection is in the early stages of the process. Assembling a smartphone is similar to putting a pathogen in a tree,” asserted Trend Micro’s expert. Experts at a security research firm from Japan have not yet revealed the culprit behind these malicious codes and from which country.