German Antivirus Company GData Identifies Smartphones Sold With Preinstalled Malware
Let us walk you through a tale of tech horror that will snatch away your good night’s sleep. The world of tech is bright and promising, but hidden behind the shining façade is a dark dungeon of conspirators who are always on the lookout to hunt down and steal user data without revealing their true intentions. This is precisely the story of today’s smartphone manufacturers who are engaging in the heinous act of lacing their products with malware.
For starters, malware is code that is injected into your phone or computer with the intention of stealing your personal information without you even knowing that it is happening!
In an interesting study by a 30-year-old German antivirus company called GData, some shocking information has been released. According to the report, at least 20 different smartphone manufacturers are shipping their products preinstalled with malware! Some of the most disturbing aspects are:
- Three of the 20 brands on this list are big names.
- Preinstalled applications that are laced with malware include some daily-use apps like Facebook and Google Drive.
- These applications cannot be uninstalled because they are system apps.
- No one will know whether the phones have malware or not, because the malicious code masks itself as genuine apps and runs in the background.
- The malware is designed to read and send text messages, read the contacts database, access the internet, access location data, write to external storage, etc. These are just a few of the several functions it can perform. In short, the malware has administrator access.
GData has been conducting this study for some time. Last year the company revealed a few names like Icefox Razor, Star N8000 and Star N9500, which are shipped with preinstalled malware. This year, however, the list includes big names like Lenovo, Huawei and Xiaomi. Interestingly, all three of these big brands are Chinese manufacturers. Here is the quick list of 20 smartphones released by GData:
- Alp GQ2002
- Alps 2206
- Alps 709
- Alps 809T
- Alps A24
- Alps H9001
- Alps N9389
- Alps PrimuxZeta
- Alps ZP100
- Android P8
- ConCorde SmartPhone6500
- DJC Touchtalk
- Huawei G510
- Lenovo S860
- NoName S806i
- SESONN N9500
- SESONN P8
- Xiaomi MI3
- Xido X1111
How exactly are these malware-laced smartphones working?
Okay, that’s an interesting question. According to GData, daily-use apps like Facebook and Google Drive are modified and injected with malware code. The infected apps are then installed as system apps with full administrative access. Since they are system apps, users cannot uninstall them. Also, because these are system apps, people do not really bother to check what they are doing.
GData gave examples of the malware it found in both the Facebook and Google Drive apps. Let us take a look:
Facebook App: GData found the following malware hidden deep inside the app’s code: Android.Trojan.Andup.D (1-AP6YWG).
Google Drive App: Android.Monitor.Gsyn.B malware was found hidden in the Google Drive app by GData.
Exactly how these infected apps work has already been mentioned above. Just to reiterate, they have administrative access. So, they can access everything from SMS to emails, user location and any data stored on the phone. The information the malware gathers is sent to its servers for later use. The malware also gives other apps direct access to sensitive information without asking for user permission.
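A defender-side check for the tampering described above, as an added example that is not taken from GData's report or from this article: it flags system apps whose signing certificate differs from a pinned known-good value, or that request most of the permissions listed earlier. The function names, the pinned-digest table and the sample data are assumptions; the certificate digests and permission lists are assumed to have been collected separately from each APK.

```python
import re

# Permissions matching the capabilities the article lists (real Android names).
RISKY = {"android.permission." + p for p in (
    "READ_SMS", "SEND_SMS", "READ_CONTACTS", "INTERNET",
    "ACCESS_FINE_LOCATION", "WRITE_EXTERNAL_STORAGE")}

# Line format printed by `pm list packages -s -f` (system packages with APK path).
PM_LINE = re.compile(r"^package:(?P<path>.+\.apk)=(?P<pkg>[\w.]+)$")

def parse_pm_list(text):
    """Map package name -> APK path, skipping lines that do not parse."""
    matches = (PM_LINE.match(line.strip()) for line in text.splitlines())
    return {m["pkg"]: m["path"] for m in matches if m}

def audit(pm_output, apk_facts, pinned_certs, threshold=5):
    """Return {package: [reasons]} for system apps that look tampered with.

    apk_facts:    package -> (signer SHA-256 hex, requested permissions)
    pinned_certs: package -> signer SHA-256 hex taken from a trusted copy
    """
    findings = {}
    for pkg in parse_pm_list(pm_output):
        cert, perms = apk_facts.get(pkg, (None, ()))
        reasons = []
        if pkg in pinned_certs and cert != pinned_certs[pkg]:
            reasons.append("signer differs from pinned certificate")
        hits = RISKY & set(perms)
        if len(hits) >= threshold:
            reasons.append(f"requests {len(hits)} of {len(RISKY)} high-risk permissions")
        if reasons:
            findings[pkg] = reasons
    return findings

# Constructed sample data; the digests are placeholders, not real hashes.
SAMPLE_PM = """\
package:/system/app/Facebook.apk=com.facebook.katana
package:/system/app/Calculator.apk=com.example.calculator
garbage line that must be ignored
"""
SAMPLE_FACTS = {
    "com.facebook.katana": ("bb" * 32, RISKY),
    "com.example.calculator": ("cc" * 32, {"android.permission.INTERNET"}),
}
SAMPLE_PINS = {"com.facebook.katana": "aa" * 32}

if __name__ == "__main__":
    for pkg, reasons in audit(SAMPLE_PM, SAMPLE_FACTS, SAMPLE_PINS).items():
        print(pkg, "->", "; ".join(reasons))
```

A signer mismatch is the stronger signal of the two, since a modified app is normally re-signed with a key other than the original developer's; the permission count only narrows down which system apps deserve a closer look.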
What does GData have to say?
GData, however, says that it is unlikely for reputed brands to get involved in such malicious practices and that middlemen possibly commit this heinous act before selling the products.
- The identified apps are system apps. Changing or modifying these apps requires root access. Assuming that middlemen do this, they first need to get root access to these devices, uninstall the clean apps, install the modified malware-laced apps and then close root access. Fine! Smartphone manufacturers can do nothing about this. But when the manufacturers send a system update or firmware update, why aren’t they able to detect the modifications? They should be able to detect that system apps have been modified.
- What is there to say about Lenovo, which came under fire once it was identified that the company was shipping laptops preinstalled with malware named ‘Superfish’? Lenovo has a track record of bad business practices.
- NDTV reports that Xiaomi’s largest overseas market is India.
- Chinese smartphone makers have been dumping their smartphones in India ever since PM Narendra Modi announced the Make in India drive, according to reports from both Times of India and The Economic Times.
Things to note:
Why did we bring up these two points? Well, there are several aspects from which one can analyze the impact of releasing malware-laced smartphones in the market, and analyzing this from the Indian perspective is one of them. We are not saying that malware-laced phones are just fine as long as they are not coming to India. It is never fine, because stealing anyone’s personal data is never a good practice. However, from India’s point of view, the ever-increasing intrusion of China along the borders and attempts to show Indian demographic borders as part of Chinese territory are no less than hostile moves.
Imagine what happens when:
- Malware-laced smartphones are used by Indian politicians and defense personnel.
- Malware-laced smartphones are used by businessmen.
Vital information can be lost and that can actually shake the nation’s security. It is high time that such malpractices be taken very seriously and countermeasures be applied immediately before it is too late to react.
If middlemen really are committing this heinous act, they need to be identified and made accountable. It is absolutely necessary to know what they are doing with people’s data apart from just opening doors to unsolicited advertisements. Given that GData’s analysis shows that the malware has admin access to phones, it can actually mean serious issues of identity theft and other serious crimes. What do you think about this?