Slashdot Mirror
20+ Chinese Android Smartphones Models Come With Pre-Installed Malware
An anonymous reader writes: Security researchers from G DATA have published research (PDF) into Android phones produced in China, which found that a large number of devices ship with pre-installed malware and spyware. Affected models include the Xiaomi MI3, Huawei G510, Lenovo S860, Alps A24, Alps 809T, Alps H9001, Alps 2206, Alps PrimuxZeta, Alps N3, Alps ZP100, Alps 709, Alps GQ2002, Alps N9389, Android P8, ConCorde SmartPhone6500, DJC touchtalk, ITOUCH, NoName S806i, SESONN N9500, SESONN P8, Xido X1111, Star N9500, Star N8000 and IceFox Razor. The researchers do not believe the manufacturers are responsible for the malware; rather, they suspect middlemen within distribution channels. "According to G DATA, the contamination of these smartphones is done by hiding malware as add-on code in legitimate apps. Since users don't usually interact with the malware and the add-on runs in the app's background, unless using a mobile antivirus solution, these infections are rarely discovered."
That's unpossible!!!1!
Posted earlier today [Source]:
Cheap Smartphones Quietly Becoming Popular In the US
Bloomberg reports that ZTE and its cheap Android smartphones have been grabbing more and more of the market in the U.S. It's not that the phones are particularly good â" it's that they're "good enough" for the $60 price tag. The company has moved up to fourth among smartphone makers, behind Apple, Samsung and LG. That puts them ahead of a lot of companies making premium devices: HTC, Motorola, and BlackBerry, to name a few. ZTE, a Chinese manufacturer, seems to be better at playing the U.S. markets than competitors like Xiaomi and Huawei, and they're getting access to big carriers and big retailers. "Its phone sales are all the more surprising because it's been frozen out of the more lucrative telecom networking market since 2012. That year, the House Intelligence Committee issued a report warning that China's intelligence services could potentially use ZTE's equipment, and those of rival Huawei Technologies, for spying. Huawei then dismissed the allegations as 'little more than an exercise in China bashing.'" I wonder how long it will be before these ones are also found to be full of malware?
that does the same stuff and takes your info like all the other free or paid for apps.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
or is something like that be ancient like IMTS that operated on VHF freq. </factious>
Malware here, spyware there, all I want is a phone but now I have to worry about this.
mfwright@batnet.com
The TFA was light on details, but where phones are sold makes a big difference.
In Asia and South America, there are a lot of small shops selling phones, and oftentimes, they add "value added" stuff like pirated apps and other items. Usually the lesser known makers wind up here.
In the US, the phones go either directly from the maker to the phone provider to be sold, or from the manufacturer to a store like Best Buy or S-Mart.
I would be surprised if malware (other than the usual vendor bloatware) was an issue in the US or Europe.
The researchers do not believe the manufacturers are responsible for the malware
Perhaps these "researchers" could get their act together and be more sure about their conclusion. If the "apps" in question are installed after manufacturing then they are easy to spot and can be uninstalled, and in such a case they likely (but not certainly) were added in the distribution channel. If, on the other hand, they are in the ROM itself then they can only be "disabled" and not uninstalled and it is extremely likely that the manufacturers put them there (most likely knowingly but there is a slim chance it was out of ignorance). Simply saying that they do not believe the manufacturers were not responsible with explaining why they say that is completely bogus.
I'm an American. I love this country and the freedoms that we used to have.
Comment removed based on user account deletion
The vast majority of cell phone users who don't know the difference between a bootloader and an Army boot.
Faster! Faster! Faster would be better!
Nice try, but that doesn't apply here. China is bashing us with defective, harmful products. We need to enforce better consumer protections.
“He’s not deformed, he’s just drunk!”
One benefit of buying a name brand from a trusted source...
Buy an iPhone from an Apple store and your chances of having malware on it are more or less zero...
Buy a Samsung Galaxy from the Samsung store in the mall, likewise, almost no chance of a problem...
The thing is, major brands such as those have a reputation to care about. The cheap off brands don't.
Likewise, I feel comfortable buying a Microsoft Lumia from a known source, update it to the lastest version of Windows, make sure security software is installed, only install apps from the MS app store, you should generally be good to go.
There is value in trusted computing. I know a lot of people like to jailbreak, or side load apps, but there is a risk in doing so.
While my iPhone is locked down... it is worth noting... that it is locked down... I can generally use it with confidence. My desktop Windows PC? Less so, one has to be much more careful with that.
Now I know what some people say, "Apple is tracking you", or "MS is tracking you". Yea, but I don't care, neither company is out to steal my info or crash my computer or hold me hostage. Neither company is going to steal my CC info or hack my passwords. They can track me all they like, in return they give me a lot of free software and updates.
Sure. So I'm guessing this goes right along side all those American and Korean Android phone models that come with preinstalled malware. In fact I'm pretty sure the term "Android phone" intrinsically implies preinstalled malware and if not there's plenty of it you can install off the play store.
The problem is, there is too much money involved in the politics of killing off corporations.
That sounds more like your typical libertarian poutrage than any kind of truth. Nobody's trying to *kill off corporations*. We only want them to abide by the same rules the rest of us are under. The real problem is that we allow them too much authority over our governments.
“He’s not deformed, he’s just drunk!”
Actually you are wagging the dog. The state is set up by the corporation to serve its interests. It takes a lot of money to put it all together, and politician who doesn't comply will lose all financial support, or worse. Napoleon's power didn't come from the wretched.
I oppose corporations (and unions) from contributing to political causes, either directly or indirectly.
You shouldn't. It's interfering. Just don't vote for people who take their money, and the problem is solved.
“He’s not deformed, he’s just drunk!”
Nice try, but it originated with Slate.
[End Of Line]