Chinese Android smartphone comes with malware pre-installed


Star N9500A German security firm is reporting that an Android smartphone manufactured in China is shipping with malware pre-installed on it.

The Star N9500 smartphone, which can be easily found available for sale via outlets like Amazon and eBay for relatively cheap prices, is said by researchers at G Data to be infected with the Uupay.D Trojan horse, posing as a version of the Google Play Store app.

According to the security firm, the spyware trojan runs in the background stealing information, and sending it to a server based in China:

The spy function is invisible to the user and cannot be deactivated. This means that online criminals have full access to the smartphone and all personal data. Logs that could make an access visible to the users are deleted directly.

Well, there is one way to detect the malware of course. You can run up-to-date anti-virus software on your phone.

G Data screenshot of Android malware detection

The only problem is - your Android smartphone may not be receiving security updates because the malware is preventing them from being downloaded:

The program also blocks the installation of security updates.

And the problem gets worse. According to G Data’s Christian Geschkat, it’s no easy feat to remove Trojan horse from infected devices:

Unfortunately, removing the Trojan is not possible as it is part of the device’s firmware and apps that fall into this category cannot be deleted. This includes the fake Google Play Store app of the N9500.

So, the question is this. Did the manufacturers of this Android smartphone deliberately plant malware on its devices, or did something go badly wrong on their production line which allowed the malware to sneak its way onboard?

Either way - there seems good reason to stay well clear if you value your privacy and want to keep your personal information out of the hands of others.

More information about the discovery of the malware can be found on G Data’s blog.

Tags: , , , , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , , , ,

6 Responses

  1. Matt Harwood

    June 17, 2014 at 1:19 pm #

    Would you know if this can be mitigated by formatting and installing a ROM, Graham?

    Another example of going cheap not paying off!

  2. Narg

    June 18, 2014 at 2:09 pm #

    I’d say that all Android phones have malware installed from the get go. It’s called Google.…

  3. Leopold

    June 23, 2014 at 1:44 pm #

    Well, phones from the USA usually comes with spy software, too.
    Made by the NSA. So whatever…

  4. Mark

    July 15, 2014 at 3:23 pm #

    Hardly surprising. No different from what google is doing anyway. Why shouldn’t the Chinese have a knock-off version.

  5. Someone

    January 30, 2015 at 1:08 am #

    Stop saying that Android already comes with malware, you are lying, android is an Open-Sorce project.

    • Securiconvex in reply to Someone.

      December 1, 2018 at 10:19 am #

      Lol @ you.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.