Slashdot Mirror
Malware Found Preinstalled On Some Alcatel Smartphones (zdnet.com)
An anonymous reader quotes a report from ZDNet: A weather app that comes preinstalled on Alcatel smartphones contained malware that surreptitiously subscribed device owners to premium phone numbers behind their backs. The app, named "Weather Forecast-World Weather Accurate Radar," was developed by TCL Corporation, a Chinese electronics company that among other things owns the Alcatel, BlackBerry, and Palm brands. The app is one of the default apps that TCL installs on Alcatel smartphones, but it was also made available on the Play Store for all Android users --where it had been downloaded and installed more than ten million times. But at one point last year, both the app included on some Alcatel devices and the one that was available on the Play Store were compromised with malware. How the malware was added to the app is unclear. TCL has not responded to phone calls requesting comment made by ZDNet this week. The app reportedly harvested users' data and sent it to China. It collected geographic locations, email addresses, and IMEI codes, which it sent back to TCL.
Upstream, a UK-based mobile security firm, also found that "the malicious code hidden inside the app would also attempt to subscribe users to premium phone numbers that incurred large charges on users' phone bills," reports ZDNet. "All in all, the company says it detected and blocked over 27 million transaction attempts across seven markets, which would have created losses of around $1.5 million to phone owners if they hadn't been blocked."
Upstream notes that most of the behavior they've seen originated only from two types of smartphones: Pixi 4 and A3 Max models.
Upstream, a UK-based mobile security firm, also found that "the malicious code hidden inside the app would also attempt to subscribe users to premium phone numbers that incurred large charges on users' phone bills," reports ZDNet. "All in all, the company says it detected and blocked over 27 million transaction attempts across seven markets, which would have created losses of around $1.5 million to phone owners if they hadn't been blocked."
Upstream notes that most of the behavior they've seen originated only from two types of smartphones: Pixi 4 and A3 Max models.
Hooray for Android!
I am not so opposed with some Chinese goods, but I do think we made a serious mistake relying so heavily on the Chinese to make most of our electronics.
You and ZTE need to wake the fuck up and realise people are keeping count.
Sueballs. Data Protection. Gonna say HELLO
I didn't realize anyone still sold Windows phones....
the forecast is not favorable for us vast majority wandering unchosens?
Had to stifle a laugh. Canal of criminal faggots lol
like BLU and Plum Mobile who have been doing this for years. Or most likely, Alcatel weren't aware of that the weather app was doing these things.
- The government is authoritarian enough that it will meddle.
- There are no consumer protections for this kind of stuff in China
- You have no recourse if a Chinese company steals your data
Whereas in the west we have consumer protections for it, and a judicial system for recourse. That said, western governments can meddle too, however it's much harder for them to keep it secret.
These seems to come out of nowhere, and are everywhere now: Best Buy, Walmark, Costco. Never heard of them before this last holiday season.
Long-term license, rather than ownership for the Blackberry brand. http://www.marketwired.com/pre...
that malware authors, identity thieves, paedophiles, rapists, and meth/crack/herion makers/dealers deserve the death penalty.
It's not 1.6 billion Chinese who are in on this, it's just one little company making one little weather app, collecting market data like every other phone app is doing these days.
Go back to eating, American Bob, using your head ain't working for ya.
The real question is, what are you more afraid of: China installing malware and sending it back to their country's government or your own country installing malware and sending it to your own government? I mean, that doesn't happen now, right? Right?
Thirty dollar phone / You get what you don't pay for / Return to Wal-Mart /
For the same reasons as above, I'm much more afraid of China doing it, because they can use the information for any purpose. And they do.
Here in the USA, the government can only do certain, narrowly defined things. And when it comes to my data, it is really hard for them to use it in a way that harms me. They can't give it out, and they can't use it against me without a bunch of processes where I have substantial rights.
In China you don't even have the right to a lawyer, or to see evidence against you. There are no standards of evidence that restrict what data they can use. They don't need to have a warrant first in order to later use it against you.
If the NSA slurps my data, they didn't have a warrant, and they can't use it against me. They can use it target a missile in Iraq, but here at home they can't even use it to give me a parking ticket.
My government can get that legally, and jealously punishes others who try. I don't need an even more corrupt foreign government being a second, (or fifth), source of leaks.
If I use an android phone, my data is likely collected by:
My government,
Google,
My ISP/cell carrier,
Whatever Apps I install.
I may not like that, but except for #4, I can't stop it.
I definitely don't want a foreign government to also track it.
The US government worker is at least harder to bribe than a China or Russia agent. Not for any moral superiority assumption, but because they are paid more to begin with. Not that any Russian company even make electronics anyone wants.
Do you live in China? Do you go to China? What can China do to you? You see, my point isn't to say it's good that China is also (as others seem to think) slurping up all your data another with Google, App developers, and your own government. It's to question what the actual effect is.
You talk about the legal processes that prevent harm, but the repeated examples of warrantless programs to collect data on Americans which was clearly unconstitutional doesn't give me a lot of confidence that the NSA/CIA/FBI will suddenly feel beholden to one of my other enumerated rights when it comes time to decide what sort of punishment it would level against me. You could call that rampant paranoia, and you talk about the NSA leading to being targeted in Iraq by a missile but here you're safe which seems long-term baseless. Parallel construction and anonymous sources gets around the need to divulge too much of how the NSA landed you a parking ticket or much worse.
Another person went on a rant about China attacking US markets, which would matter if something I was doing was actually relevant in the US market--like critical tech or secret data. I would agree that the US has stopped doing the whole corporate espionage thing, and it'd likely target people in other countries that were considered sufficiently hostile. That's hardly my worry nor is that a basis for most people to worry.
tl;dr - How about just asking the question I answered in context by at least beginning to spell out what China can actually do to you personally or even as a group for which you think your own government can't, wouldn't, and doesn't do the same regularly? This isn't about defending China. China is a horribly place I'd never visit. It's about my disgust with what "free" people in "free" countries tolerate while pointing at China as if in shock.
Popular App Weather Forecast Collects Too Much User Data and is Attempting To Subscribe Some Users To Paid Services Without Permission
"How the malware was added to the app is unclear."
Just ask the company who owns the premium numbers?
As an individual, there's little that China can do to me - I've been to China once and I'm not inclined to repeat that. But as a corporate user, a Chinese company having access to all of my work-related emails and access to any work-related files on my device could have a significant impact on my employer's ability to remain competitive (production is much cheaper than R&D), which would impact their ability to pay me.
British companies used to be warned not to discuss work on Air France flights because the French intelligence agencies would put microphones in the seats and pass on any commercially-sensitive information they picked up to French companies. China still has a very close relationship between corporations and intelligence. The NSA is far less likely to pass on anything that they learn to US-based competitors.
I am TheRaven on Soylent News
You're assuming that the Chinese data collection incorporates high security. When you're talking about spying, it's not a question of who gets your data, it's who gets your data first. I probably don't have anything to worry about from any government knowing the contents of my devices, but I might be more worried about various organised crime syndicates knowing things that can be easily inferred from these devices (e.g. when my house is going to be unoccupied). I'd trust the NSA or GCHQ to keep the data that they've stolen about me secret more than I would trust their Russian or Chinese counterparts.
I am TheRaven on Soylent News
it does not matter if you have a judicial system if it does not work for you, and it doesnt
lol
NO ONE ELSE is killing Rhinos because they have SMALL COCKS.
Think about that.
No other culture the world over is devoted to KILLING ANIMALS TO MAGICALLY GROW A MANS PENIS.
Fuck the Chinks, fuck their backwards world-destroying small cock culture, and fuck you for giving them shade.
You sound sooooo free.
Go back to Beijing.
Or Korea I guess. I was prompted to download the same software for my Samsung S8 Active. It brought up so many advertisements that I quickly deleted it.
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
Grown in Eastern Europe I can tell you that you're kind of idiot...There are many malefic regimes...you're worried about the NSA/CIA...fucktard
One way to get this companies undivided attention is for "someone" to lob 2,000 lbs. of high explosive through their front window... but that's just me.