Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[sevenlayermuddle]

Interesting story, reported not only by the Beeb but many other sources too...

http://www.bbc.co.uk/news/technology-27908105

I am not familiar with the German security firm 'Gdata' who it would seem broke the story, and so I personally will remain open-minded as to whether it is true or twaddle.

https://www.gdata-software.com/newsroom/news/article/android-smartphone-shipped-with-spyware.html

Still, I am prepared to believe it could be true, which is scary enough. 

[roseway]

Scary indeed.

[kitz]

Just to clarify that the affected phone is the Star N9500.

Judging by all the reports it does indeed appear to be true that the Star N9500 - which is a cheap chinese clone of the Samsung Galaxy S4 - comes shipped with the trojan Android.Trojan.Uupay.D   It would appear that you cant even get rid of the trojan it as its pre-installed by the manufacturer as part of the firmware.   

To me that sounds like a deliberate infection by someone quite big & highup in the chain and I agree that its scary the amount of information its supposed to be sending back to a chinese server.   

I wonder if it will ever materialise just whom is maintaining the server.  Is it deliberate by Star, who wrote their firmware?  Where they extremely lapse to allow someone to install it in their firmware.

... or even bear in mind the Star N9500 costs about £120.  Having just seen a photo of it, it does indeed look remarkably like the S4.  Ive no idea how much they cost now, but when I got my s4mini last year, the S4's were retailing at £500.  Samsumg cant be too pleased that a chinese company has ripped off one of their top phones and selling it for a fraction of the cost.

Interesting though is the news from a Kasperksy Lab Expert reporting in March this year, that other Chinese phones have been found to be pre-installed with Trojan.AndroidOS.Uupay.a.  No comment on what the chinese gov is like when it comes to what they do and monitor when it comes to the internet.

Theres a kaspersky article here which shows just what the trojan is capable of doing.   Now that is scary 

[renluop]

And Cameron wants Chinese involvement in nuclear and HS2 projects.

[sevenlayermuddle]

Yes it is cheap, but... From the G Data link posted earlier...

The security experts at G DATA think that the low price of the mobile device is made possible by the subsequent selling of data records stolen from the smartphone owner.

I see it now seems to have vanished from Amazon too, though it was still there late last night.

[kitz]

I see it now seems to have vanished from Amazon too, though it was still there late last night.

It got pulled at about the time I was making my post last night.   I was starting to read some reviews (which if iirc were mostly 4 star) , then when I clicked on one to 'read more' the whole lot vanished.

-----

>> the low price of the mobile device is made possible by the subsequent selling of data records

Yes.   I also saw last night on another technical site that there was speculation that Star had installed the malware app deliberately to offset the cheap price.  ie they got paid for the advertising aspect that was included in the rouge 'Play store' app.  However...  the malware also not only does the ad type serving & tracking, it then also opens up the device for other backdoor nasties to be installed.   Bearing in mind that this is just speculation, but it does seem a feasible reason.

Whether or not Star were aware that by bundling the malware as part of the firmware, it would then open it up to further nasties, I guess we shall just have to wait and see.   

[kitz]

And Cameron wants Chinese involvement in nuclear and HS2 projects.

I know..   there's already been rumours & concerns about Huewei equipment.

We know for a fact that China internet is restricted and monitored...  and the vast amount of staff that are employed by the Chinese gov to monitor internet activities is unbelievable.   Then earlier this year its come to light that Chinese manufactured phones for use in China are being deliberately bundled with Trojan.AndroidOS.Uupay.A   ....      and now we have chinese phones exported to other countries that include Android.Trojan.Uupay.D

I guess nothing is private anymore.


 

[Chrysalis]

kitz apparently clones have been around for years, I remember finding out about them a couple of years back and went on youtube, was pelnty of videos showing clones and people asking where to buy these clones, crazy stuff.