INTRO: While major smartphone manufacturers are constantly trying to secure their devices, a China-based company is selling smartphones with built-in malware. According to reports, the malware comes bundled with phone and is responsible for downloading other malicious software without the user’s knowledge.
Tecno W2 comes bundled with malware
“Tecno W2” is manufactured by Shenzhen-based company, “Transsion”. The company sells cheap smartphones in various markets of countries like Cameroon, Ethiopia, Egypt, and South Africa. And these smartphones are particularly popular in South Africa, with the company reportedly holding almost 41% shares of the smartphone market in the country.
Now, according to recent reports, the popular “Tecno W2” smartphones come with the “Triada” malware right from the factory. The suspicion began when a user started experiencing interruptions in his calls and chats by unwanted pop-up ads and suddenly his prepaid plan kept getting depleted. The malware also kept signing up the user for various unwanted services without his knowledge.
After these initial issues, Secure-D, a mobile security service started testing the smartphones to reveal any security vulnerability. And as per their recent report, the “Tecno W2” smartphones come with the “Triada” malware that “acts as a software backdoor and malware downloader” and “It installs a trojan (a piece of malicious code designed to look normal) known as ‘xHelper’ onto compromised devices”.
“Secure-D caught and blocked an unusually large number of transactions coming from Transsion Tecno W2 handsets mainly in Egypt, Ethiopia, South Africa, Cameroon, (and) Ghana, with some fraudulent mobile transaction activity detected in another 14 countries. To date, a total of 19.2m suspicious transactions — which would have secretly signed users up to subscription services without their permission — have been recorded from over 200k unique devices.”, reads the report
The built-in malware, Transsion’s “Tecno Mobile” stated that this particular issue “was old and solved mobile security issue globally”. And a software update was rolled out way back in 2018 to fix the problem.