A Malware Discovered In Some Cheap Chinese-Made Smartphones Can Steal Data And Money From Users

According to a new report published by security researchers, some low-cost Chinese smartphones come with preinstalled malware that has stolen data as well as money from people who can't afford high-end devices. China-based Transsion Holdings is the company behind Infinix and Tecno mobile brands. Before 2014, Transsion Holdings used to be a feature phone manufacturer, however, the company released its first smartphone back in 2014, and it has now grown to emerge as a leading smartphone brand in Africa and some Asian markets such as India.

Although the company is known for cheap smartphones, these phones may also contain malware that secretly downloads applications and tries to subscribe users to services without their permission or knowledge. According to the report, Mxolosi, a 41-year-old South African, purchased the Tecno W2, but he saw that his smartphone was plagued with pop-up ads interrupting his calls and messages. The victim said that he would wake up to find his prepaid data mysteriously used up. He also received messages about paid subscriptions to applications he had never asked for.

The victim thought that this was his fault, however, an investigation by a smartphone security service Secure-D found that a software preinstalled on his smartphone was draining all his prepaid data and trying to steal money. According to the report, his Tecno W2 was infected with xHelper and Triada malware. This malware secretly downloaded applications on his smartphone and attempted to subscribe to paid applications without Mxolosi’s knowledge.

The system of Secure-D which phone carriers use to protect their networks as well as consumers against fraudulent transactions blocked 844,000 connected to preinstalled software on Transsion smartphones between March and December of 2019.

Geoffrey Cleaves, Managing Director at Secure-D, told media outlets that the data of the victim was used up by the malware as the malware attempted to subscribe him to paid applications. It is noteworthy that Tecno W2 smartphones in various other markets including Cameroon, Ghana, Egypt, Myanmar, Indonesia, and Ethiopia, were also infected. According to Cleaves, Transsion traffic accounts for 4% of users in Africa, and it still contributed more than 18% of all the suspicious clicks.

A Transsion spokesman admitted that some Tecno W2 smartphones were infected, blaming an unidentified vendor, and added that the company did not profit from the malware. However, the company declined to say how many phones were infected.


Read next: Security Researcher Publishes Details About A Bug In Safari Browser After Apple Postponed Patching The Bug To Spring 2021
Previous Post Next Post