Cheap Chinese phones found to be shipping with malware

(Image credit: Techradar)

Showing advertisements on smartphones is not a new concept. Sometime back Amazon tried selling phones at subsidized rates if users were OK with lock-screen ads. While this was a win-win situation where users would get the same device at a cheaper price and the advertisers would get a better reach. Though it got mixed reactions and thanks to Google’s ban on lock-screen ads, the project was dumped.

For some OEM’s advertisements are a major source of revenue. Chinese smartphone maker Xiaomi, that prefers calling itself an Internet company, has openly accepted that since it sells devices on a razor-thin margin, advertisements on phones become a major part of its revenue. Realme has also integrated advertisements (opens in new tab) in its UI despite mocking Xiaomi several times for doing so.

The fact that Samsung has also not shied away from showing ads even on their flagship devices suggest that it’s not just a Chinese phenomenon. Though Samsung does not sell phones on subsidized rates still its premium flagship devices are also marred (opens in new tab) with these pesky ads.

Another Chinese brand Transsion Holdings, that unlike the names mentioned above, only focuses on entry-level phones. It sells feature phones under the Itel brand and cheap smartphones under Tecno and Infinix brands. If the combined sales is accounted for, Transsion is the fourth largest phone maker globally after the likes of Apple, Samsung and Huawei.

According to a report (opens in new tab) from BuzzFeed, some smartphones from Transsion are laced with malware that is not only eating up their mobile internet quota but showing pop-up ads and is also offering a backdoor to install applications that signs up users for paid subscriptions without their knowledge.

These are normally full-screen ads that interrupt calls or chats and use up the data balance forcing the users to top-up their accounts. The report cites the experience of a user with Tecno W2, who bought the phone since it is extremely affordable and has been experiencing vanishing data balance, pesky advertisements and app subscriptions that he never authorized.

Unethical means

According to Secure-D, a mobile security service, this Tech W2 phone was found infected with xHelper and Triada malware. Secure-D also states that while Transsion’s mobile internet traffic accounts for just 4% of users in Africa, it accounts for over 18% of suspicious clicks. Within the period between March and December 2019, Secure-D’s systems deployed at various telecom carriers, have intercepted and blocked over 844,000 transactions connected to preinstalled malware on Transsion phones.

While Transsion in a statement to BuzzFeed accepted that some of the Tecno devices were found to be infected with the malware, the company, however, blamed an unidentified vendor in the supply chain behind this unscrupulous activity.

Modus operandi

Since most of these ultra-low budget phones are sold in developing countries in Africa and Asia and are targeted towards people in the low-income group, it is easy for the manufacturers to lace these devices with malware. Most users in this group are not aware of the importance of consumers’ data security and product safety or care less about it.

To grab a broader market, share the price point is often kept extremely low, luring people to buy devices with latest features. Often Chinese manufactures end up selling phones at a loss, however, this ensures recurring income for the makers. Though, Transsion, in this case, has denied making any profits from the malware.

Alcatel phones made by TCL phones sold in countries like Brazil, Malaysia, and Nigeria were also found (opens in new tab) to have shipped with similar malware preinstalled.

The majority of the population in these countries, where these cheap Chinese smartphones have been selling like hotcakes, comes under the economically weaker section. These people do not have a high disposable income, hence the data that the spyware and malware apps eat up is a major part of their monthly income.

Interestingly, Triada and xHelper malware are stubborn and even a factory reset cannot help users get rid of them, leaving users as vulnerable as they were when the malware was discovered.

Though Transsion has released a patch for both Triada and xHelper that needs to be downloaded and installed on the phones, the problem lies in the approach of these companies that makes smartphone users a product.

Jitendra Soni

Jitendra has been working in the Internet Industry for the last 7 years now and has written about a wide range of topics including gadgets, smartphones, reviews, games, software, apps, deep tech, AI, and consumer electronics.