Unit 42 is the Palo Alto Networks threat intelligence team. Made up of accomplished cybersecurity researchers and industry experts, Unit 42 gathers, researches, analyzes, and provides insights into the latest cyber threats, then shares them with Palo Alto Networks customers, partners and the broader community to better protect enterprise, service provider, and government computing environments.
You can now have up-to-the-minute threat intelligence updates from Unit 42 delivered right to your inbox, as they’re posted. Click here to subscribe.
Regular research analysis is posted to the Unit 42 threat intelligence blog. Unit 42 also publishes whitepapers examining, in detail, threats to mobile device ecosystems, APTs, malware attack patterns and other subjects crucial to any security practitioner or business executive’s understanding of the current cyber threat landscape.
The sheer volume of malware, application vulnerabilities and advanced persistent threats makes it difficult for security teams to make the right decisions when it comes to protecting their networks. Wouldn’t it be great if there were a way to understand exactly who and what have been trying to get onto your network, and where threats are coming from?
Well, there is.
Coolpad is the sixth largest manufacturer of smartphones in the world, and the third largest in China. We recently discovered that the software installed on many of Coolpad’s high-end Android phones includes a backdoor which was installed and operated by Coolpad itself. Today we released a new report detailing the backdoor, which we’ve named “CoolReaper.”
After reviewing Coolpad complaints on message boards about suspicious activities on Coolpad devices, we downloaded multiple copies of the stock ROMs used by Coolpad phones sold in China. We found the majority of the ROMs contained the CoolReaper backdoor. …Continue reading