Allegations about the Chinese government’s potential espionage have been around for a while but there has been no evidence to corroborate that theory. People have always been cautious about using Chinese handsets and now German security firm G Data Software says that Android phones manufactured in China are being shipped pre-loaded with malware.
According to researchers at G Data, the Star N9500 and possibly the Orient N9500 Android smartphones, which are easily available for sale through outlets like Amazon and eBay for relatively low prices is said by to be infected with the Uupay.D Trojan horse, posing as a variant of the Google Play Store app. The spyware trojan running in the background is capable of intercepting personal information transmitted over the phone, such as banking details, phone calls, emails and text messages and sends that data over to an anonymous server based in China. The security company said Uupay.D can vaguely take control of the smartphone's camera and microphone and covertly install more spyware onto the device. In addition to giving hackers complete access to the phones, the trojan also blocks security updates from being installed to the handset.
So far the malware is only discovered to exist in Europe and the handset looks very similar to the popular Galaxy S4. In other words, people in the USA are probably safe as of now but there is no telling where else the trojan Android.Trojan.Uupay.D may covertly be residing. It is not possible to uninstall the manipulated app and the spyware since they are consolidated into the firmware at the factory itself. According to G Data Software, large online retailers are still selling the Android smartphones across Europe at prices ranging from 130 to 165 euros.
Strangely, the security firm did not actually unearth the malware on its own, but was instead apprised by consumers who purchased the device. It is been suspected that the low priced high-end specifications phone was sold at a loss and subsidized through the reselling of personal data stolen from unsuspecting users. In other words, the cheaper price made it an attractive bargain to the European consumers, resulting in the spread of malware and ultimately the stolen data became more worthy than the loss on the initial sale of phones.
While the handset manufacturer hasn’t been traced yet, the users are at risk of identity theft, financial breaches, given the amount of personal information that was intercepted. And, needless to say, people using the handset should stop immediately and take measures to minimize the effect, such as changing all passwords as soon as possible for banking, email and social media sites.