Spying Malware Found On Chinese Phone Brands On Sale In Australia
Chinese phone brands are loading up their budget handsets with malware for potential spying on users it’s been revealed.
Security researchers have found that low-cost Chinese phones have been loaded with malware designed to intrude on people’s lives in particular brands such as Tecno which is sold into the Australian market without local certification.
Chinese brand Tecno is owned by mobile manufacturer Transsion.
Several Tecno W2 phones, shipped to countries across the globe, come infected with malware that is meant to steal money and data from users the research at Secure-D claimed.
Other Chinese brands sold in Australia include Realme, Oppo, Viacom and Xiaomi and Huawei, Oppo has also been identified by Norton Security as having malware installed.
According to Secure-D, between March and December 2019 it had to block 844,000 malware transactions.
This included Malware such as Triada and xHelper, commonly found in download apps, they automatically subscribe to paid services.
This often leads to unexpected bills and data expenses for those who already reside in some of the most unprivileged locations in the world claims Secure D.
When a Chinese smartphone with illegal malware is opened it often throw up pop-ups on the screen and cause unwanted app installations.
What makes it worse that they can’t be removed with just a factory reset and often the permissions are hidden in other legal operations loaded on a device.
Transsion, the Chinese company that owns the Tecno brand, has cited an unnamed “vendor in the supply chain process” as the reason behind the pre-loaded malware.
When confronted with the problem recently the Chinese management said that they had delivered security fixes for Triada in March 2018 and xHelper in late 2019.
This is despite more than 800,000 malware transaction being discovered six months ago.
But the issue still persists.
Secure-D said it was blocking Triada and xHelper on Transsion phones even in April 2020, and it may simply be dormant right now till the storm over the use of malware blows over.
In a thread to the recently announced Norton Life Lock Security software one Oppo smartphone owner wrote “I’ve updated my Oppo Reno Z smartphone operating system ColorOS 6 (custom version of Android 9 Pie). From that moment Norton Mobile Security (version 184.108.40.20689) detected the “Messages” system app as a malware’.
There are several complaints about malware on Oppo smartphones.
Anti-fraud firm Upstream found the malicious code on 53,000 Tecno handsets, when they investigated the issue of malware on Chinese smartphones.
Upstream said Tecno was taking advantage of the “most vulnerable”.
“The fact that the malware arrives pre-installed on handsets that are bought in their millions by typically low-income households tells you everything you need to know about what the industry is currently up against,” said Geoffrey Cleaves, head of Upstream’s Secure-D platform.
The Triada malware found by the firm on the Android smartphones installs malicious code known as xHelper which then finds subscription services and submits fraudulent requests on behalf of users, doing so invisibly and without the user’s knowledge.
If the request is successful, it consumes pre-paid airtime, the only way to pay for digital services in many developing countries.
In total, Upstream found what it described as “suspicious activity” on more than 200,000 smartphones.