Transsion Holdings, the Chinese company behind Tecno and Infinix smartphone brands was a feature phone maker in the 2013’s. However, the company released its first smartphone in 2014. It represented a milestone for the company since it allowed the group to emerge as some of the most competitive brands in Africa and some Asian countries like India. The company is well known for shipping low-end smartphones with affordable price tags. They’ve allowed some users in developing nations to have access to the smartphone era. However, in some cases, this deal includes malware.
A recent report by BuzzFeed News reveals that some Chinese phones are shipping with malware. It comes from secretly downloaded applications and tries to subscribe the user to services without his knowledge or permission. A case in point emerged involving a 41-year-old South African who got the Tecno W2. The phone was plagued with pop-up ads interrupting his calls and chats. The victim revealed that he had woken up on several occasions to find his prepaid data mysteriously used up and messages about paid subscriptions for apps that he had never asked for.
xHelper and Triada malware spotted
In a collaborative investigation led by BuzzFeed News and Secure-D, a mobile security service, it was discovered that pre-installed software was infected with xHelper and Triada malware. It was draining the user’s data and at the same time attempting to steal his money through such unsolicited subscriptions. Secure-D further revealed that its system which mobile carriers use to protect their networks and customers against fraudulent transactions blocked over 844,000 transactions connected to preinstalled malware on Transsion phones. This massive amount of blocked transactions happening in the nine-month period between March and December 2019.
A Transsion spokesperson confirmed that some of the company’s Tecno W2 phones contained the hidden Triada and xHelper programs. The company’s spokesperson blamed an unidentified “vendor in the supply chain process.” The company also hinted that they have always attached great importance to consumers’ data security and product safety.
“Every single software installed on each device runs through a series of rigorous security checks, such as our own security scan platform, Google Play Protect, GMS BTS, and VirusTotal test,”
Transsion states that it has not made a profit from the malware. However, the company declined to say how many handsets were infected with this malware.
Furthermore, Secure-D revealed that this kind of malware is not exclusive for Transsion phones. It has previously discovered malware on Alcatel phones that are made by the Chinese maker TCL Communications. Some cases emerged in Brazil, Malaysia, and Nigeria. The security firm exposed how Chinese technology pre-installed on cheap smartphones in Brazil and Myanmar robbed users with fraudulent transactions.
Interestingly enough, cases of this kind are not exclusive to developing countries. Earlier this year, Malwarebytes, found pre-installed malware which originated from China in two handsets offered to citizens with low incomes. It was part of the US government’s Lifeline program, which provides subsidized phones and mobile data.
This certainly will not be the end, so we should always be checking and investigating every app installed on our smartphone. Even if they are low-end smartphones with low hardware capabilities. They still can steal our money!