Pre-installed malware found on Xiaomi, Huawei and Lenovo smartphones

It has already been known that every smartphone manufacturer ships their end product with some bloatware however finding malware on one is very dangerous for the smartphone owner. A recent research found that as many as 26 different smartphone models are being shipped pre-installed with malware.  Security firm G Data has uncovered more than two dozens of Android smartphones from popular smartphone manufacturers — including Xiaomi, Huawei and Lenovo — that have pre-installed spyware in the firmware.

A study conducted by G Data shows that mobiles shipping with pre-installed malware has increased by about 25 percent in Q2 of 2015 compared to the first quarter. The study shows that smartphones and tablets from Chinese brands Huawei, Xiaomi, and Lenovo were discovered to have apps modified to spy on its users or to insert ads.

G Data is the same research company which last year disclosed that the Star N9500 Smartphone had capability to spy on users, compromising their personal data and conversations without their knowledge.

Christian Lueg, the spokesperson for G Data said that the malware was injected by a middleman. Their efforts to find the source lead them to China, thereafter they lost it. “We lost the trail in China,”he stated.

A total of 26 smartphone units were discovered to be carrying a malicious software right before the consumer acquires the device.

The pre-installed malware is installed disguised in popular Android apps and can not be removed without unlocking/rooting the phone since it resides inside the phone’s firmware.

“Over the past year, we have seen a significant [growth] in devices that are equipped with firmware-level [malware and spyware] out of the box which can take a wide range of unknown and unwanted actions,” Product Manager Christian Geschkat from G Data said in a statement.

Here are the devices infected with the malware:

  • Xiaomi Mi 3,
  • Huawei G510,
  • Lenovo S860,
  • Alps A24,
  • Alps 809T,
  • Alps H9001,
  • Alps 2206,
  • Alps PrimuxZeta,
  • Alps N3,
  • Alps ZP100,
  • Alps 709,
  • Alps GQ2002,
  • Alps N9389,
  • Andorid P8,
  • ConCorde SmartPhone6500,
  • DJC touchtalk,
  • ITOUCH,
  • NoName S806i,
  • SESONN N9500,
  • SESONN P8,
  • Xido X1111

We reached out to Lenovo for their comments and their spokesperson emailed us the following reply :

“The report states that the malware was pre-installed in the firmware of the device and can’t be removed. This is incorrect information. The malware was found on a single Lenovo phone that was bought through a third party marketplace and was contained in an app that was likely added by a middleman and could easily be removed from the device. “

LEAVE A REPLY

Please enter your comment!
Please enter your name here