Chinese Android smartphone comes with malware pre-installed

Graham Cluley

Star N9500A German security firm is reporting that an Android smartphone manufactured in China is shipping with malware pre-installed on it.

The Star N9500 smartphone, which can be easily found available for sale via outlets like Amazon and eBay for relatively cheap prices, is said by researchers at G Data to be infected with the Uupay.D Trojan horse, posing as a version of the Google Play Store app.

According to the security firm, the spyware trojan runs in the background stealing information, and sending it to a server based in China:

The spy function is invisible to the user and cannot be deactivated. This means that online criminals have full access to the smartphone and all personal data. Logs that could make an access visible to the users are deleted directly.

Well, there is one way to detect the malware of course. You can run up-to-date anti-virus software on your phone.

G Data screenshot of Android malware detection

The only problem is – your Android smartphone may not be receiving security updates because the malware is preventing them from being downloaded:

The program also blocks the installation of security updates.

And the problem gets worse. According to G Data’s Christian Geschkat, it’s no easy feat to remove Trojan horse from infected devices:

Unfortunately, removing the Trojan is not possible as it is part of the device’s firmware and apps that fall into this category cannot be deleted. This includes the fake Google Play Store app of the N9500.

So, the question is this. Did the manufacturers of this Android smartphone deliberately plant malware on its devices, or did something go badly wrong on their production line which allowed the malware to sneak its way onboard?

Either way – there seems good reason to stay well clear if you value your privacy and want to keep your personal information out of the hands of others.

More information about the discovery of the malware can be found on G Data’s blog.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

6 Replies to “Chinese Android smartphone comes with malware pre-installed”

  1. I'd say that all Android phones have malware installed from the get go. It's called Google….

  2. Well, phones from the USA usually comes with spy software, too.
    Made by the NSA. So whatever…

  3. Hardly surprising. No different from what google is doing anyway. Why shouldn't the Chinese have a knock-off version.

  4. Stop saying that Android already comes with malware, you are lying, android is an Open-Sorce project.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.




Stay informed!

Join thousands of others by signing-up for the free “GCHQ” newsletter, containing the latest news and tips from security expert Graham Cluley.

Name:

Email:

Yes, I would like to subscribe to email updates from Graham Cluley. I know it’s easy to unsubscribe if I ever change my mind.