A Chinese Android smartphone that is selling on Amazon, eBay and other online stores have been found to contain a virus that pretends to be the Google Play Store.
This virus steals the user’s data when logged onto the bogus store.
The Star N9500, is resemblance to the Samsung’s Galaxy S4 Android smartphone. It is manufactured in China but the phone is sold through resellers located in Belfast and Hong Kong.
The Trojan is known as “Uupay.D“, its disguised as the Google Play Store. It is pre-installed on the Android smartphone with no way to be removed by the user, according to German security company G Data.
G Data has analyzed one of the smartphones purchased directly from the factory in China and verified its vulnerability.
The scary aspect of this, is that online criminals have full access to these smartphones.
All AccessThe malware attached to these Androids, steal personal data from the phone and sends it to an anonymous server located in China. This Android malware is also capable of installing additional applications or viruses without the user’s knowledge.
The only thing users see is an app with the Google Play Store icon in the running process. The virus enables criminals to track the location of the smartphone, intercept and record phone calls, make purchases and send premium text messages without the user’s permission. All completely discrete and disguised.
The authentic phone usually costs £500 while the Chinese smartphones are going for £120. Users are noticing reviews on this product range from one to five stars. Although, they are complaining about the poor quality and noticing the phone starts to break down after a couple of months.
The device is offered with an extensive list of accessories which includes a second battery, car charging adapter and second cover.
The low price of a smartphone with such a wide range of features is a criminal tactic, according to Geschkat, a product manager at G Data.
Buyers Beware: Cheap offers online that seem tempting should make buyers suspicious. There is no such thing as free.
Android accounted for 97% of the malware targeted at mobile devices last year. This is an increase of 20% a year, according to data from a security firm F-Secure.
Even though this malware is already installed onto these devices from the Google Play store, it accounts for only 0.1% of malware.
Malware from these Android’s can’t be blamed for all accounts.
The majority of all malware is downloaded from third-party app stores including the Chinese stores Baidu and Anzhi, where access to Google Play is restricted.
Have you come across these phones? We’d love to hear from you, please leave your comments below!
Chinese smartphone on sale on Amazon and eBay contains built-in malware – TheGuardian
Published: June 18, 2014
Related posts:Compromised Sites Serving Android Malware via Drive-by-Downloads
Researchers Find More Android Malware: Some Send Expensive SMS, Others Steal Data
Android Trojan Can Partake in DDoS Attacks, Send SMS Spam
Watch Out for Mobile Adware