Categories: Technology

Malware comes pre-installed in Chinese smartphone brand

Share

A recent security report reveals that a particular Chinese smartphone brand pre-installs malware on its devices.

According to the report, the Chinese smartphone manufacturer Transsion is responsible for this. The company is well-known for developing highly affordable smartphones. However, it appears that the company is installing malware on its devices.

The malware

The malware does not cause any long-term damage to the device. What it does is sign-up the user to various subscription services without their explicit permission. This is a clear violation of user rights and privacy.

The scheme was discovered by the anti-fraud firm Secure-D. The firm’s researchers conducted a thorough investigation after detecting the scheme on its platform.

According to the cybersecurity firm, they launched the investigation in March 2019. At that time, they discovered an unusual amount of traffic from the Transsion Tecno W3 smartphones.

The firm said that majority of the traffic comes from Cameroon, Egypt, Ethiopia, Ghana, and South Africa. Further investigations revealed that fraudulent claims were also reported in 14 other countries.

According to Secure-D, the malware was able to generate more than 19 million suspicion transactions. They suspect that all these transactions surreptitiously signed users up to various subscription services. In total, the malware is reportedly active in more than 200,000 unique devices.

The investigation revealed that Transsion is using a malware called Triada. It is a popular malware strain that acts both as a software backdoor and a payload downloader. Once the target device activates and connects to the internet, it will automatically download other malware.

A majority of these subscriptions were directed towards a series of apps called com.mufc. The source and developer of this app still unknown. Moreover, the app is not hosted on the official Google Play Store.

A new attack vector

Pre-installed malware is rarely seen, especially from major smartphone manufacturers like Samsung. However, smaller manufacturers like Transsion can essentially fly under the radar and distribute it to their users.

Since the malware comes pre-installed, it is virtually impossible to detect or remove it. Smartphone manufacturers specifically program this kind of malware to be invisible to the user.

In a statement, Secure-D chief Geoffrey Cleaves said:

“Mobile ad fraud is fast becoming an epidemic which, if left unchecked, will throttle mobile advertising, erode trust in operators and leave users saddled with higher bills.”

Cybersecurity experts suggest that staying away from suspicious manufacturers is a good strategy to avoid these attacks. Moreover, downloading apps only from legitimate and approved sources is also a great practice.

Featured image courtesy of Tero Vesalainen/Shutterstock

Yen Palec

Published by
Yen Palec

Recent Posts

Kelly Clarkson still struggling with her divorce, seeks Dolly Parton’s support: Rumor

Kelly Clarkson is still, allegedly, reeling from her divorce from Brandon Blackstock. According to National…

59 seconds ago

Gwen Stefani wanted to return to ‘The Voice’ but was rejected: Rumor

Gwen Stefani, allegedly, had her heart set on returning to The Voice, but the producers…

3 mins ago

Prince Harry hates how Prince William still bosses him around: Rumor

Prince Harry, allegedly, doesn’t like how Prince William still bosses him around even though he’s…

4 mins ago