A popular Chinese Android Smartphone comes pre-installed with a Trojan that could allow manufacturer to spy onto their users' comprising their personal data and conversations without any restrictions and users knowledge.
GOOGLE PLAY STORE OR A SPYING APP?
According to the researchers at the German security firm G Data, the Star N9500 smartphone, a popular and cheap handset device in China, comes pre-installed with Uupay.D Trojan horse, disguising as a version of the Google Play Store.
The trojan camouflage as the Google Play Store, so it enables Chinese Company to secretly install malicious apps, which creates the whole spectrum of abuse.
STEALING WITHOUT RESTRICTIONS
The nasty Spyware runs in the background and has capability to steal personal information, copy users' data, record calls automatically with unlimited time and send costly SMS to premium services, thereby sending all the stolen information to an anonymous server based in China.
Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology
Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.Join Now
The malware is also capable to activate the microphone on users' smartphone at any time in order to turn users' smartphone into a bugging device that allows hackers to hear anything you are saying near by the phone.
"The spy function is invisible to the user and cannot be deactivated," reads the blog post published yesterday. "This means that online criminals have full access to the smartphone and all personal data. Logs that could make an access visible to the users are deleted directly."
REMOVAL OF THE TROJAN NOT POSSIBLE
In addition, the malicious software allow preventing security updates from being downloaded and one can not disable the program. "The program also blocks the installation of security updates," claimed G Data.
Moreover, it is not possible to uninstall the trojan because it is embedded in the firmware of the Star-phone device.
"Unfortunately, removing the Trojan is not possible as it is part of the device's firmware and apps that fall into this category cannot be deleted," said Christian Geschkat, Product Manager at G Data. "This includes the fake Google Play Store app of the N9500."
CHEAP PRICE ATTRACTS USERS
The Star N9500 is an affordable copy of the Samsung Galaxy S4, which can be easily found at various online retailers such as eBay and Amazon for 130 to 165 euros and is also equipped with a variety of accessories, such as a second battery, car charger adapter and a second cover.
But considering the high technological standard of device, the low price comes as a surprise and the security researchers at G DATA believe that it is the cheap price of the mobile device that has made possible by the subsequent selling of data records stolen from the smartphone owner.
HOW TO CHECK IF YOU'RE AFFECTED
We recommend you to download an up-to-date Mobile Anti-virus software and scan your device for the trojan and if found return the device back from where you purchased.
Avoid buying Chinese and cheap products in order to keep your privacy and personal information away from the hands of cyber criminals and prying eyes.