Chinese smartphone maker Gionee was found guilty by the Chinese court. It seems that Gionee purposely planted malware in their phones without the user’s knowledge. The Shenzhen Zhipu Technology Co. Ltd., which is a subsidiary of Gionee, was found guilty of embedding a Trojan Horse via a software update for the Story Lock Screen app.
It was found that the Dark Horse Program infected 20 million Gionee phones all over the world. The Trojan ran unsolicited ads and performed other malicious activities for money without the user’s knowledge.
Upon further investigation, it was found that the first Trojan infected device was detected way back in December 2018. Gionee ran this illegal activity till October 2019. During this time period, the company is said to have earned around $4.2 million, affecting 21.75 million smartphones. The expenses for that period are just a little below $1.3 million.
Xu Li, Zhu Ying, Jia Zhengqiang and Pan Qi were found to be the main culprits and were sentenced to 3 to 3.5 years in prison along with a CNY 200,000 (~$30,000) fine each by the Chinese court for illegally controlling mobile devices.
This may seem really shocking but the truth is that this kind of malicious activity is really common for the Chinese manufactured phones. In the past, other Chinese smartphones brands were also found guilty like for example one of them is Tecno.
An investigation conducted by Secure-D found that a particular phone model of Chinese smartphone brand Techno was also involved in a similar illegal activity. The particular phone model in question is the Techno W2 smartphone. The phone is an entry-level budget phone which was very popular in Africa. Apart from India, Chinese smartphone brand Techno of Transsion Holdings also has a huge market in Africa. The phone was launched in Africa in 2018.
Based on a report by Secure-D, the phone contained two malwares right out of the box. The malwares were Triada and xHelper. The malwares’ used to automatically download apps in the background and tried to automatically subscribe the user to paid subscriptions without the user’s knowledge. Users’ even reported that their phones would automatically consume prepaid data and would also receive numerous messages about paid subscription which they had no idea off.
As per an article by BuzzFeed News, a man named Mxolosi in Johannesburg, South Africa had bought a Techno W2 smartphone because he was attracted to the design and the features he was getting at such a low price of $30. The price was far less compared to other tops smartphone brands of South Africa like Samsung, Nokia, or Huawei. But later his happiness came to an end when he saw that his phone used to automatically consume data and charge him for the paid subscription which he had no idea of ever subscribing. Along with that, he used to get annoying pop-up ads which interrupted his calls and chats. Soon the phone which he considered cheap was becoming very costly for him.
Secure-D Managing Director Geoffrey Cleaves told BuzzFeed News that the malwares were solely responsible for the Mxolosi’s data loss as they were secretly using the data to perform malicious tasks.
Transsion Holdings which is also the owner of Itel and Infinix claimed that they were not responsible for any of the malwares. They shifted the blame to an unidentified vendor. They even reframed from disclosing the exact figure of the handsets affected by these malwares.
Based on the investigation by Secure-D, it was found that Secure-D had blocked 8,44,000 fraudulent transactions coming from pre-installed malware on Transsion phones between March and December 2019.
Secure-D also found Alcatel smartphones offered by TCL Communication to come with malicious pre-installed apps. Alcatel smartphones are popular in Brazil and Myanmar for there crazy specs at entry-level prices same as other Chinese brands.
Safety tips
Users may not be able to do much if their phone manufacturers are involved in purposely embedding your phones with malwares to steal your data.
What user can do is that they could take certain safety precautions which would stop malwares from being installed on to your phones from external sources. Some of these precautions are listed below:
- Don’t jailbreak your device: Jailbreaking or rooting your device removes a lot of its built-in security. While this may let you do more with your device, it also leaves it more vulnerable to attacks.
- Use a VPN: A virtual private network is a secure “tunnel” that lets you access and share information securely over public Wi-Fi networks. this will stop hackers from remotely accessing your device.
- Download apps only from reputable sources: Unofficial app stores are more likely to be sources of malware-infected apps.
- Do mobile vulnerability scanning: You can’t prevent what you don’t know about. Use a vulnerability scanner or malware scanner or antivirus for your mobile device.
- Update software and hardware: Companies often release updates on mobile devices that address potential vulnerabilities.
- Encrypt your data: If you have sensitive data on your mobile device, make sure it’s encrypted. It will then remain secure, even if malware steals it.
- Phishing: Often hackers pose as legitimate institutions and send emails or contact users via telephone. On clicking the contents of the mail, a user unknowing installs a malware which the hacker or scammer uses to steal your sensitive data. Please verify anything which looks or sounds suspicious by directly contacting the institution.
- Website security: Whenever a user enters a website. The user should check the prefix of the URL(Uniform Resource Locator) whether it says HTTPS(Hypertext Transfer Protocol Secure) followed by a lock symbol which means the website is secured or it only says HTTP(Hypertext Transfer Protocol) which means the website is not secured. A user should not share sensitive information on such website as there is a good chance that this website is a phishing site, waiting to steal your information.
That will be all for now folks. Make sure to stay tuned to this website for more updates.
