An anti-fraud firm Upstream has discovered malicious codes on about 53,000 Tecno handsets, sold in some African countries namely, Cameroon, Egypt, Ethiopia, South Africa and Ghana. The malware signs users to subscription services without their permission.
Software experts say the malicious codes were installed in supply chain unknown to many and according to Upstream, it is taking advantage of the “most vulnerable” devices.
Head of Upstream’s Secure-D platform, Geoffery Cleaves says “the fact that the malware arrives pre-installed on handsets that are bought in their millions by typically low-income households tells you everything you need to know about what the industry is currently up against.”
The Triada malware discovered by Upstream on Android smartphonesinstalls a malicious code known as xHelper. This malicious code finds subscription services and submits fraudulent request on behalf of users without their knowledge. Once the request is successful, it consumes pre-paid airtime, which is the only way many developing countries pay for digital services.
Upstream found a total of what it described as “suspicious activity” on more than 200,000 Tecno smartphones.
Responding to the claim, Tecno Mobile said the issues was “an old and solved mobile security issue globally” which was issued a fix in March 2018.
“For current W2 consumers that are potentially facing Triada issues now, they are highly recommended to download the over-the-air fix through their phone for installation or contact Tecno’s after-sales service support for assistance in any questions,” the manufacturer told the BBC in a statement adding that it attached “great importance to consumers’ data security and product safety”.
“Every single software installed on each device runs through a series of rigorous security checks, such as our own security scan platform,” it noted.
Earlier this year, security firm Malware bytes cautioned that similar pre-installed apps can be found on Chinese Android phone- the UMX U686CL. This device was offered to low-income families in America through a government procurement scheme.
In 2016 however, researcher Ryan Johnson discovered that over 700 million Android smartphones had malware installed on them.
The Android operating system developer, Google, is abreast on the subject and has blamed third party vendors used by manufacturers to install features such as face unlock, for pre-installing the Triada malware. Google says it working with manufacturer’s to remove threat from devices. The firm made this known in a blog published last year