9Eki
How to find malware added in supply chain to Android phone?
As has become a mainstream news story many times over, some Android phones are being shipped with malware preinstalled, because they go from factory to a second party who adds the malware and then to the US.
What is the strategy for examining and identifying malware on these phones?
I assume I'd need to use adb to extract a complete file list, look for obvious known adware like Adups, spyware, etc., and then proceed to scan all files looking for patterns i.e. Yara files.
Can anyone expand upon this basic understanding and correct misunderstandings?
