Skip to content ↓ | Skip to navigation ↓

Researchers from a German security provider say they have detected the first known case of an Android smartphone being shipped from the manufacturer with pre-installed malware disguised as a Google Play Store application.

“The spyware runs in the background and cannot be detected by users. Unbeknownst to the user, the smartphone sends personal data to a server located in China and is able to covertly install additional applications,” the team said.

“This makes it possible to retrieve personal data, intercept calls and online banking data, read emails and text messages or control the camera and microphone remotely.”

The model in question is the Star N9500, which is manufactured in China and being distributed across Europe, and the researchers say there is no way for a user to remove or disable the malicious application or the Android.Trojan.Uupay.D spyware because they are integrated with the smartphones own firmware.

“The spy function is invisible to the user and cannot be deactivated. This means that online criminals have full access to the smartphone and all personal data,” the team reported. “Logs that could make an access visible to the users are deleted directly. The program also blocks the installation of security updates.

The team began investigating the smartphone model after receiving inquiries from some of their customers, and say the malware can allow attackers to secretly install other malicious apps, putting users at risk of having their sensitive data intercepted, banking fraud, and being charged high rates in premium SMS scams.

“The intercepted data is sent to an anonymous server in China,” said Christian Geschkat. “It is not possible to find out who ends up receiving and using the data.”

Read More Here…

10 Ways Tripwire Outperforms Other Cybersecurity Solutions
  • THIS IS WHAT COMES OF touting business with pseudo-communist fascist (han ethnic gruop) Chinese Communist Party.. They are all about stealing intellectual property and locking up intellectuals….. you can download a google app to detect this trojan..detect-phone-infected-uupay-trojan/


    great tips thank for share useful information

  • dieseldoc

    I did scans on my n9000 using ESET, 360 security and the app mentioned by @obsurfer84 (thanks, bro) and found it clean. Hopefully. However……I noticed something interesting. Since the reviews of this phone appeared which talk about the Trojan (after I bought my phone) the price has pummeted on Amazon UK. What's going on? Are the manufacturers or suppliers trying to dump the phones because of the bad press or is the threat real and so subtle that 3 different virus scanners didn't spot it, leading to a price slash to tempt more victims? I like the phone though and I haven't had any issues yet arising from data theft.

  • lisaperry96

    Thanks for the share as this was so helping!

<!-- -->