Chinese Android smartphone comes with malware pre-installed

  • 17 June 2014
  • 3 replies
  • 562 views

Userlevel 7
Badge +54
Graham Cluley | June 17, 2014
 
A German security firm is reportingthat an Android smartphone manufactured in China is shipping with malware pre-installed on it.
The Star N9500 smartphone, which can be easily found available for sale via outlets like Amazon and eBay for relatively cheap prices, is said by researchers at G Data to be infected with the Uupay.D Trojan horse, posing as a version of the Google Play Store app.
According to the security firm, the spyware trojan runs in the background stealing information, and sending it to a server based in China:
The spy function is invisible to the user and cannot be deactivated. This means that online criminals have full access to the smartphone and all personal data. Logs that could make an access visible to the users are deleted directly.
 

Full Article

3 replies

Userlevel 7
Oh now that is not good.
 
I do not think I have heard of a phone arriving with malware pre-installed before.  Even if one is very careful about downloads, to the degree of downloading NOTHING, one would STILL be exposed to major risks using one of these devices.
 
This makes it essential to have AntiMalware installed on every smartphone, regardless of download habits.
 
Thank you for sharing this one Jasper!
Userlevel 7
Badge +54
eBay has certainly done the right thing in banning its sale on its sites, all the other companies should follow suit now.
 
June 19th, 2014, 17:56 GMT · By Ionut Ilascu
 



 
 
 
 
 
 
 
 
 
 
 
 
 
 
Spyware on N9500 Android detected as Android.Trojan.Uupay.D
 "Listings for the Star N9500 smartphone have been pulled by eBay after German security software vendor G DATA discovered that the device was delivered with built-in spyware straight from the factory.

Star N9500 comes pre-installed with spying software that is disguised as the Google Play Store app, and cannot be removed because it is embedded in the firmware. It features nearly unlimited options that allow cybercriminals full access to the content of the phone.

All the information collected from the device - online banking data and text messages among them, is sent to an anonymous server under the control of the criminals, in China." Full Article  
Userlevel 7
Badge +26
I was thinking about buying one of these at one time but I started to have a bad feeling and I was sooo right! Glad I settled on a phone with lower specs (Gnex 32Gb Sprint) instead one of these and putting them on straight talk.

The bad thing is these are specced to be cloned Galaxy s4/5/note phones and people are flocking to these, as they are profusely cheaper. 😞

Reply