That cheap smartphone you may have purchased may come preloaded with an unwelcome app – one that can turn your phone into a sophisticated spying device.
German researchers say they found that the Star N9500 Android smartphone, which is a knockoff of the popular Samsung Galaxy S4, is infected with spyware capable of retrieving personal data, intercepting calls and text messages, and remotely operating the phone's camera and microphone. Someone with control of the phone could also install other nefarious applications.
According to German security firm G DATA, which discovered the malware, personal information collected by the phone is then sent back “to a server located in China and is able to covertly install additional applications.”
The infection is so bad that large online retailers like eBay and Amazon removed the phone from their inventories, though when VOA last checked, Amazon was still selling another Star model smartphone.
“Due to reports that some Star N9500 smartphones are loaded with spyware, eBay is not allowing the sale of these devices as a precautionary measure,” a spokesman for eBay said in an email.
G DATA first became aware of the spyware after receiving tips from owners.
One of the first red flags was that the manuals included with the phone had no information about how to contact the company, said Thorsten Urbanski, a spokesman for G DATA.
Urbanski added that in China, vendors must have a website for customer support.
“They don’t have one,” he said. “It’s very strange.”
A deeper analysis revealed that the phones’ parts included no information about the manufacturer and many of the serial numbers were peculiar, according to Urbanski.
They then analyzed the phone’s firmware and discovered malware called Android.Trojan.Uupay.D, which was disguised as an app in the Google Play store.
According to G DATA, the “spy function is invisible to the user and cannot be deactivated.” Furthermore, the program blocks the installation of security updates.
Urbanski said one of the alarming aspects of the phone is the number sold, which is hard to determine. The price for the phone ranges from $177 to $225, considerably less than one would pay for the Samsung Galaxy S4.
“It seems to be one of the best-selling low-cost smartphones,” he said.
According to the Pew Research Internet Project, 58 percent of American adults have a smartphone. Android phones attract 98 percent of mobile phone malware, according to Internet security firm Kaspersky.
While the Star N9500 is currently the focus of attention, Urbanski said G DATA was in the process of analyzing other Star phones as well as other brands to see if they have the same firmware infection. He added that Samsung phones as well as Chinese Huawei phones did not appear to be compromised.
Cyber security expert Christopher Burgess, CEO of Prevendra, Inc., an Internet security firm, said if the phones are counterfeit copies of the Samsung phone “one should not be surprised that counterfeit hardware comes pre-loaded with ‘value added features’ which enhance the profitability for the counterfeit manufacturer.”
“It is a bit of karma for those who support the supply chain of counterfeit goods, and drives home the point, if the deal is too good to be true, it probably is,” he said.