Middlemen pre-installing spyware on 26 different phones — G Data

8 Sep 2015

A new report claims that middlemen are compromising the firmware of a number of smartphone devices, installing spyware in the firmware before it gets to your pocket.

G Data’s latest Mobile Malware Report looked at devices across a number of manufacturers, finding 26 with pre-installed spyware, although the security experts don’t think the manufacturers are to blame.

Instead, middlemen seem to be accessing the devices, modifying them to steal user data and inject advertising to earn money.

“Over the past year we have seen a significant increase in devices that are equipped with firmware-level spyware and malware out of the box, which can take a wide range of unwanted and unknown actions including accessing the internet, reading and sending text messages, installing apps, accessing contact lists, obtaining location data and more – all of which can do detrimental damage,” said G Data’s Christian Geschkat.

Careful who you buy from

Among the devices named in the report is the Xiaomi M3. However, the company has insisted that, as the middlemen are to blame, buying direct is the best way to go.

“The security report clearly states that middlemen are installing such malware and that manufacturers like Xiaomi are not at fault,” said the company in a statement to Trak In.

“Unauthorised retailers can inject malware into any device bought from an unofficial channel. This is why we strongly recommend buying Mi phones only through authorised channels such as Mi.com, Flipkart, Amazon or Snapdeal.”

A worrying trend

Of course, G Data was not looking only for spyware: a continued increase (25pc) in malware in general across Android devices is also a worry.

The cases analysed by G Data found that malware was usually hidden in a legitimate app, with the process seemingly invisible to the average user.

Indeed, the report highlights the Facebook app as an example of how the dodgy software was installed and married to reputable products.

The problem with this is that, if the app is pre-installed on the device, it can prove extremely hard to uninstall entirely.

Endless concerns

What the spyware can do, claims the report, is pretty much “endless”: storing your contacts and messages, listening in on calls, etc.

Interestingly, the report argues that the Hacking Team scandal of earlier this year will rumble on.

The subsequent release of corporate data and source code for another Android malware strain will simply feed cyber-criminals what they want.

Considering hundreds of millions of people use a smartphone or tablet to go online around the world, and Android represents about two-thirds of that market, this is clearly a worry.

FireEye also found troubling smartphone issues from sifting through the Hacking Team fallout, with even iOS compromised in some cases.


Gordon Hunt was a journalist with Silicon Republic
