When you’re buying a new smartphone, there are a range of things that you expect, such as immaculate hardware, a responsive screen and support from the manufacturer should things go wrong. However, what you don’t expect is for your phone to come loaded with malicious software straight out of the box. Unfortunately, if you buy one of over 40 budget-range Android smartphones, you could be in for a nasty surprise.
What’s the problem?
An antivirus software company called Dr. Web, based in Russia, recently published information about a new security threat facing certain Android device users. Their research, published on the 2nd March, highlighted how over 40 Android smartphones from the budget end of the market are being sold with a trojan pre-installed onto the handset.
The term ‘trojan’ comes from the historical tale of the Greeks and their wooden trojan horse, which was used to gain access to the city of Troy. The Greeks hid inside of the horse, which was disguised as a gift. Similarly, a trojan in computing is in fact a virus that masquerades as a legitimate, safe and trusted application. Far from being safe, once installed on your device, it serves malicious purposes, such as tracking and stealing data.
The trojan itself is named Android.Triada.231, or Triada for short. and is a banking trojan, meaning that it was created for the purpose of siphoning off the personal financial data of its affected users. It is pre-installed on the below list of 42 Android handsets:
Leagoo M5
Leagoo M5 Plus
Leagoo M5 Edge
Leagoo M8
Leagoo M8 Pro
Leagoo Z5C
Leagoo T1 Plus
Leagoo Z3C
Leagoo Z1C
Leagoo M9
ARK Benefit M8
Zopo Speed 7 Plus
UHANS A101
Doogee X5 Max
Doogee X5 Max Pro
Doogee Shoot 1
Doogee Shoot 2
Tecno W2
Homtom HT16
Umi London
Kiano Elegance 5.1
iLife Fivo Lite
Mito A39
Vertex Impress InTouch 4G
Vertex Impress Genius
myPhone Hammer Energy
Advan S5E NXT
Advan S4Z
Advan i5E
STF AERIAL PLUS
STF JOY PRO
Tesla SP6.2
Cubot Rainbow
EXTREME 7
Haier T51
Cherry Mobile Flare S5
Cherry Mobile Flare J2S
Cherry Mobile Flare P1
NOA H6
Pelitt T1 PLUS
Prestigio Grace M5 LTE
BQ 5510
Origins of the issue
It seems unusual that so many devices could be affected. However, things become clearer when you look at the standard production process for an Android device. When a software producer provides a software image to a phone manufacturer, their Android applications can sometimes require system-level access. Unfortunately, a software company in Shanghai introduced suspicious code into the system libraries that underpin the Android OS. This unusual requirement was not challenged and ultimately resulted in the trojan-infected software making it into mass-production.
How to overcome the problem
If you've already purchased a smartphone from the affected list and have been using it regularly, particularly for financial reasons, then you should stop using the handset and contact WiseGuys for further advice. Though there's no way to know if your data has been compromised, it's worth speaking to your bank and changing your financial accounts' login credentials, on an unaffected device or computer, to ensure nothing is compromised.
Triada is a powerful trojan and has the ability to root a device. In Android terms, when an application has root access, it is able to access and alter the Android's core operating system code, allowing changes to be made that would normally be disallowed by the manufacturer, in many cases for security purposes. The trojan uses these permissions to infect one of the core Android operating system processes, making itself almost impossible to get rid of, short of fully wiping your handset and installing Android again.
So, in summary, although there is a means of resetting and reinstalling the operating system, the best preventative measure would be to avoid buying an affected smartphone from the above list of 42 devices. You can still get a budget-range or mid-range smartphone for a reasonable price, without paying the kinds of prices attached to Apple and Samsung devices; brands such as Huawei and Xiaomi have been making waves in the smartphone arena lately, for example.
WiseGuys available for advice
If you’re an owner of one of the devices listed above, or even another handset model from one of the potentially affected brands, then you can give us a call on 0808 123 2820 to voice your concerns. We can discuss any fears that you have, help you with resetting and reinstalling an Android operating system, or guide you on purchasing a new smartphone.
Recent Comments