Tecno and Infinix Smartphones might have a malware stealing Users’s Data and Money – Report

Tecno Camon CX fingerprint scanner

A recently published report suggests that some low-cost Android smartphones might have come with bundled malware that has stolen not only data but also the hard-earned money from the users who end up buying budget smartphone due to their low income. Transsion Holdings – a China-based company behind the two mobile brands, Infinix and Tecno, is allegedly taken into account in the report.

Both the companies are known for offering affordable smartphones with attractive features, mostly in African and some Asian markets, including Pakistan and India. Though it’s not a hidden factor about these smartphones to carry bloatware and built-in third-party apps and games, users only complain but tend to remove or disable those apps. Sure these two are the most welcomed brands for mass markets.

The report published by Secure-D, based on an investigation by the security service, claims to have found a pre-installed software on at least one of these smartphones that were stealing money through the pre-paid data by subscription to some unknown services. The phone, “Tecno W2” was claimed to be infected with xHelper and Triada malware.

Secure-D explains that the malware would secretly download applications on the smartphone. Then without the user’s knowledge, it would subscribe to paid applications. The security service has blocked 19.2m suspicious subscription requests coming from low-end devices made by Transsion Holding.

During the investigation starting in March 2019, the Secure-D found and blocked an unusually large number of transactions coming from a single smartphone model from Transsion – Tecno W2. Though the transactions were mainly performed in Egypt, Ethiopia, South Africa, Cameroon, Ghana with 14 other countries.

The security experts have noted that the transaction requests were originating from the application named with com.mufc (com.mufc.umbtts) (a component of xHelper), whose source is unknown. The report said that users cannot download or install this app from Google Play store or any other Android app store.

In an earlier investigation about the malware called “Triada”, Google had concluded that not the manufacturer but a vendor, somewhere in the supply chain, could be responsible for placing the said malware component into the devices’ firmware.

To learn more about the malware, head over to the source below.

Load More Related Articles
Load More By Rehan Rasheed
Load More In Infinix