Cheap Chinese Smartphones Accused Of Stealing User Data & Money
A Chinese company that specializes in cheap smartphones has been exposed for selling devices pre-loaded with malware that steals data and money from consumers straight out of the box. The phone brand, Tecno is owned by Chinese mobile manufacturer Transsion and is one of several Chinese mobile brands taking advantage of the poor, particularly in developing countries.
Transsion released its first smartphone in 2014, and by 2017 had grown to become Africa’s top handset seller, beating out longtime market leaders like Samsung. While the brand remains mostly unknown outside of Africa and other developing countries, Transsion is the fourth-largest handset maker in the world. It's important to point out that it is also the only large scale manufacturer to focus exclusively on low-income markets. Unfortunately, this is not the first instance of such malicious use of malware from manufacturers either. Cheap Chinese smartphones are quickly becoming a security risk to people around the world with low income; and with a global pandemic still highly prevalent, that number of individuals is increasing daily.
An investigation by Buzzfeed News and a mobile security company Secure-D, recently revealed how the scam works. Transsion phones such as the Tecno W2 were embedded with malicious software right out of the box that secretly downloaded apps and attempted to subscribe its owner to paid services without their knowledge. The malware is designed to use up the user's data in these attempts to subscribe for premium services and steal the owners money. Typically, this form of malware requires someone to install it on their phone themselves, usually through some clever form of trickery. However, mobile malware analysts believe that because this malware is coming straight from the factory, and cannot be removed via a complete device factory reset, that it is a game changer in the battle to combat such cyber attacks.
A sad fact exposed in these accusations is that when low-income individuals, especially those in developing countries, have no more money to take, their data becomes the next target for digital thieves. Many consumers who buy phones from Chinese brands like Tecno have never owned a smartphone before, and are connecting to the internet and world of prepaid data for the first time. Unfortunately, they see a Tecno phone for a fraction of the price compared to a Samsung or Nokia and give it a try to save money, but end up losing a lot more in the long run. The desire to keep costs low sadly opens up a sinister door for malware and other data vulnerabilities. This isn't an isolated occurrence either. In addition to South Africa, Tecno phones with the malware were uncovered in Ethiopia, Cameroon, Egypt, Ghana, Indonesia, and Myanmar. People in the United States are also being exploited. Earlier this year, a different mobile security service found malware installed on two different Chinese-made phones that were offered to low income individuals as part of a subsidized mobile data program. Mobile security companies must work harder than ever to combat these issues.
According to Buzzfeed News, Secure-D mobile security blocked 844,000 transactions tied to malware that had been preinstalled on Transsion phones between March and December 2019. The company stated that while Transsion only accounted for 4-percent of the traffic seen in Africa, it contributed to 18-percent of all suspicious clicks recorded. A spokesperson for Transsion told BuzzFeed News that some Tecno phones did in fact contain the hidden malware programs, but blamed them on an unidentified vendor in the supply chain process. That person went on to say that Transsion does not profit off the malware in any way, and has since released downloadable fixes for the two most abundant malware issues.
While Transsion has appeared to attempt to make things right with its customers, it feels that it's more so because the company was caught. The true issue is that Chinese companies are not only extracting data and money from people living in poverty who aren't the most tech-savvy, but they're also selling them the actual tools being used to exploit them. Mobile security companies have their work cut out for them as this issue expands to other countries, but trust that like many other agencies and business markets, they will be keeping a very close eye on China.
Source: Buzzfeed News