Chinese Smartphone Leaves Factory With Malware On Board

German security company G Data has discovered a brand of Chinese-made Android smartphones that apparently ship with malware pre-installed on the system.

Star N9500 is a five-inch quad-core handset with an HD screen that looks suspiciously similar to the Samsung Galaxy S4. It is available in Europe through popular online retailers, priced around £90.

Turns out the surprisingly affordable device contains Android.Trojan.Uupay.D, which is impossible to remove, since it has been integrated into the firmware. G Data suggests that Star N9500 is so cheap because the manufacturing costs are offset by the value of stolen data.

The company calls this the first incident of its kind.

Brand new

According to G Data, the Trojan is disguised as the Google Play Store process. It runs in the background and receives instructions from an anonymous server located in China. The malware gives the attacker complete control over the handset and enables them to copy data, intercept calls, read emails and text messages and control the microphone and camera.

Android.Trojan.Uupay.D can also install additional applications without the knowledge of the user, and block the installation of security updates.

“The options with this spy program are nearly unlimited. Online criminals have full access to the smartphone,” noted Christian Geschkat, product manager for Mobile Solutions. “G DATA customers reported a detection by our security solution and thus alerted us to this criminal tactic.”

Geschkat notes that the smartphone offers a fairly high-end specification and ships with a large number of accessories including a second battery, car charging adapter and second cover.

He thinks that the low price of the mobile device is made possible by the subsequent selling of data records stolen from its future owner.

G Data advises that, since the malware cannot be easily removed, anyone unlucky enough to purchase N9500 should return it for a refund. Since the news first surfaced online, Amazon and some of the other online retailers have already removed the pages selling the device.

This is not the first strain of mobile malware to disguise itself as the Google Play Store process. Security vendor FireEye has just discovered a different malicious app that hides its activities and uses the same icon.

Are you an Android master? Take our quiz!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Recent Posts

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

6 hours ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

8 hours ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

9 hours ago

VW, Rivian Launch Joint Venture, As Investment Rises To $5.8 Billion

Volkswagen and Rivian officially launch their joint venture, as German car giant ups investment to…

10 hours ago

AMD Axes 4 Percent Of Staff, Amid AI Chip Focus

Merry Christmas staff. AMD hands marching orders to 1,000 employees in the led up to…

13 hours ago

Tesla Recalls 2,431 Cybertrucks Over Propulsion Issue

Recall number six in 2024 for Tesla Cybertruck, and this time the fault cannot be…

14 hours ago