Chinese smartphone comes with factory installed spyware which can steal personal details of the users.
German security firm G Data has claimed that Chinese made cheap Star N9500 Android smartphone comes with factory installed malware which can steal personal data to profit from it.
The cheaper device manufactured by China based Star carries malware which is disguised as the Google Play Store and is part of the pre-installed Android apps.
The spyware called Uupay.D, runs undetected in the background and sends personal data of the user to servers located in China.
It also claimed to secretly install additional applications which facilitate in collecting personal data, intercept calls, online banking data, read emails, text messages as well as remotely control the smartphone's camera and microphone.
G Data product manager Christian Geschkat said the only thing users see is an app with the Google Play Store icon in the running processes; other than that, the application is completely disguised.
"Unfortunately, removing the Trojan is not possible as it is part of the device's firmware and apps that fall into this category cannot be deleted. This includes the fake Google Play Store app of the N9500," Geschkat added.
"The intercepted data is sent to an anonymous server in China. It is not possible to find out who ends up receiving and using the data."
The cheaper smarphone sells in the range of €130-€165 despite higher technological specifications which include: quad-core processor, extensive accessories, such as a second battery, car charging adapter and second cover.
Looks similar to Samsung Galaxy S4 the smartphone costs one third less than the comparable devices with similar specifications.
The German firm suspects that the Chinese company might be selling the data records stolen from the smartphone owner to recover the cost.
"In general, particularly cheap offers online that seem tempting should make buyers suspicious. There's no such thing as a free lunch," Geschkat warns.
The Android smartphone is currently on sale on Amazon, eBay and the security expert has advised the affected customers to contact the respective online shop to return the device.
Photo Courtesy: G Data
get a cbr Mobility weekly update
Unable to register now