Several smartphones sold in Africa equipped with malware already installed

Several smartphones sold in Africa equipped with malware already installed

September 14, 2020 Off By admin

Recently discovered, it is mentioned that several thousand smartphones of Chinese origin are infected with malware already preinstalled and sold commonly in Africa.

The countries most affected by this phenomenon would be Senegal, Ethiopia, Cameroon, Egypt and Ghana. Accused of being responsible for this, the manufacturer of these mobiles, Transsion Holdings publicly defends itself from being the cause.

This article will also interest you: The protection of personal data, a real headache in Africa

The discovery was made by computer security specialists from the Upstream Secure-D platform. They denounce it's gone to abuse vulnerable users to inject malware on the terminals that will be sold to them. Often, in some context, victims are forced to consume prepaid airtime.

One of the most observed malware is xHelper, a very dangerous Trojan horse.

As far as the Transsion group is concerned, it is a mobile phone manufacturer that is not really present in the Chinese or European market. Its target is much more African. He has known to make cheaper smartphones for resale in Africa. In 2017, it was known as the largest smartphone manufacturer on the African continent, due to its mobile subsidiary Techno.

Not so long ago, computer security company Upstream Secure-D laid bare the discovery of 2 malware reinstall in smartphones marketed by the mobile technology subsidiary of transissions. The first is Triada, which is known as a malicious program for the purpose and install the Trojan xHelper on smartphones. A program that will aim to siphon users' personal information, in particular users' banking data, to paid services or to display intrusive advertisements. "The Trojan xHelper persists through reboots, app deletions or factory resets, making it extremely complicated to eradicate even for professionals," Upstream Secure-D said in its recent release.

It is noted nearly 19.2 million transactions made by the firm as suspicious and fraudulent since March 2019. And this on nearly 200,000 mobile techno brand devices. The cybersecurity company has confirmed that nearly 53,000 mobile devices, circulating on the African continent, have already been infected with malware. The major problem is that these malwares in question are preinstalling on mobiles since they left the factory.

"The fact that the malware arrives preinstalled on these devices, which are purchased by millions of low-income users, illustrates what's wrong with the industry," said Geoffrey Cleaves, director of Upstream Secure-D at CNN.

Contacted by the press about this problem, a spokesman for the Chinese company claimed that an "unidentified supplier in the supply chain process is responsible for the installation of the malicious code. ». The Chinese manufacturer reassures that it "did not take advantage of the malware and refuses to decline the number of infected devices," the US news site said. Chinese company also said it had made a security fix to fill the issue. As a reminder that the Triada malware has not been known to the general public since 2016 and even worked on an article published on Google's blog that claimed that its existence was due to "third parties" in the production line.

For Geoffrey Cleaves, the Chinese company is fully at fault for this situation. According to the latter, it does take advantage of the lack of knowledge in the field of new technologies and the poverty of the people targeted by these devices to sell them devices that do not meet the security conditions. "A scammer is able to take advantage of low price demand by offering his services even separately, knowing that he will cover his costs through these frauds," he told BuzzFeed News.

A large-scale it security problem that needs to be addressed as soon as possible, as it can have a significant impact on all sectors of the continent.

Now access an unlimited number of passwords:

Check out our hacking software