How a New Budget-Range Smartphone Could Steal Your Data

When you’re buying a new smartphone, there are a range of things that you expect, such as immaculate hardware, a responsive screen and support from the manufacturer should things go wrong. However, what you don’t expect is for your phone to come loaded with malicious software straight out of the box. Unfortunately, if you buy one of over 40 budget-range Android smartphones, you could be in for a nasty surprise.

What’s the problem?

An antivirus software company called Dr. Web, based in Russia, recently published information about a new security threat facing certain Android device users. Their research, published on the 2nd March, highlighted how over 40 Android smartphones from the budget end of the market are being sold with a trojan pre-installed onto the handset.

The term ‘trojan’ comes from the historical tale of the Greeks and their wooden trojan horse, which was used to gain access to the city of Troy. The Greeks hid inside of the horse, which was disguised as a gift. Similarly, a trojan in computing is in fact a virus that masquerades as a legitimate, safe and trusted application. Far from being safe, once installed on your device, it serves malicious purposes, such as tracking and stealing data.

The trojan itself is named Android.Triada.231, or Triada for short. and is a banking trojan, meaning that it was created for the purpose of siphoning off the personal financial data of its affected users. It is pre-installed on the below list of 42 Android handsets:

Leagoo M5

Leagoo M5 Plus

Leagoo M5 Edge

Leagoo M8

Leagoo M8 Pro

Leagoo Z5C

Leagoo T1 Plus

Leagoo Z3C

Leagoo Z1C

Leagoo M9

ARK Benefit M8

Zopo Speed 7 Plus

UHANS A101

Doogee X5 Max

Doogee X5 Max Pro

Doogee Shoot 1

Doogee Shoot 2

Tecno W2

Homtom HT16

Umi London

Kiano Elegance 5.1

iLife Fivo Lite

Mito A39

Vertex Impress InTouch 4G

Vertex Impress Genius

myPhone Hammer Energy

Advan S5E NXT

Advan S4Z

Advan i5E

STF AERIAL PLUS

STF JOY PRO

Tesla SP6.2

Cubot Rainbow

EXTREME 7

Haier T51

Cherry Mobile Flare S5

Cherry Mobile Flare J2S

Cherry Mobile Flare P1

NOA H6

Pelitt T1 PLUS

Prestigio Grace M5 LTE

BQ 5510

Origins of the issue

It seems unusual that so many devices could be affected. However, things become clearer when you look at the standard production process for an Android device. When a software producer provides a software image to a phone manufacturer, their Android applications can sometimes require system-level access. Unfortunately, a software company in Shanghai introduced suspicious code into the system libraries that underpin the Android OS. This unusual requirement was not challenged and ultimately resulted in the trojan-infected software making it into mass-production.

How to overcome the problem

If you've already purchased a smartphone from the affected list and have been using it regularly, particularly for financial reasons, then you should stop using the handset and contact WiseGuys for further advice. Though there's no way to know if your data has been compromised, it's worth speaking to your bank and changing your financial accounts' login credentials, on an unaffected device or computer, to ensure nothing is compromised.

Triada is a powerful trojan and has the ability to root a device. In Android terms, when an application has root access, it is able to access and alter the Android's core operating system code, allowing changes to be made that would normally be disallowed by the manufacturer, in many cases for security purposes.  The trojan uses these permissions to infect one of the core Android operating system processes, making itself almost impossible to get rid of, short of fully wiping your handset and installing Android again.

So, in summary, although there is a means of resetting and reinstalling the operating system, the best preventative measure would be to avoid buying an affected smartphone from the above list of 42 devices. You can still get a budget-range or mid-range smartphone for a reasonable price, without paying the kinds of prices attached to Apple and Samsung devices; brands such as Huawei and Xiaomi have been making waves in the smartphone arena lately, for example.

WiseGuys available for advice

If you’re an owner of one of the devices listed above, or even another handset model from one of the potentially affected brands, then you can give us a call on 0808 123 2820 to voice your concerns. We can discuss any fears that you have, help you with resetting and reinstalling an Android operating system, or guide you on purchasing a new smartphone.

Latest Articles

General January 09, 2017

The Microsoft Scam

The Microsoft Scam. Find out what it is and how to protect yourself.