
PinePhone Malware

PinePhone is a Trojan malware threat designed to wipe the firmware of the PinePhone’s GPS/GSM/WWAN modem. It first appeared on the IRC messaging system on Dec. 5, when an IRC user going by the name of Ubuntu dropped a package accompanied by the message “hei gaiz I make snake gaem here is link www2-pinephnoe-games-com-tz replace dash with dot kthxbai” on #pinephone, the Pine64 Discord’s IRC channel. A closer analysis of the code revealed features typically found in Trojans, which is why the application has since been given the PinePhone malware moniker.

Combining basic code obfuscation, a classic snake game, and root-level privileges, the PinePhone malware takes advantage of the CVE-2021-31698 AT command execution vulnerability to run the shred command on every file, so that any recovery attempt is doomed to fail. The modem’s firmware is likely to be wiped on Wednesday, December 22, unless security analysts find a way to intervene.

The PinePhone malware pairs a classic Snake game with corrupted code, whose source may have come from a third-party open-source project. So far, the code does not appear to communicate with any external servers. Although the malware is capable of performing full-blown file encryption operations, it has not done anything of the sort yet.
