No Comments

Cheap cell phones sold in Russia had pre-installed malware


Low-cost mobile phones being sold at online stores in Russia had pre-installed malware capable of performing different malicious activities. The warning was given by Russian security researcher ValdikSS in a report released last week.

The specialist discovered the problem while conducting tests on five cell phone models with physical keyboards inspired by the classic Nokia phones and purchased via the internet. According to him, four of the analyzed devices showed strange behavior.

In the DEXP SD2810 model, the IMEI code and the International Mobile Subscriber Identity (IMSI) were sent to a remote server, along with other data, as soon as the device was activated, even without an internet browser. The device also fired SMS messages to a premium number.

Alguns donos dos telefones já haviam denunciado comportamentos estranhos dos dispositivos.
Some phone owners had already reported strange device behavior. Source:  ValdikSS/Reprodução 

Similar activities were noted on the Itel it2160, F + Flip 3 and Irbis SF63 mobile phones, the latter still registering the phone number in online services such as Telegram automatically. The only model that did not show malware-related problems was the Inoi 101.

Data sent to China

According to ValdikSS, all remote servers to which the data was sent are located in China. The Asian country is also the origin of the models, produced there and resold in Russian stores as an alternative for those looking for cheap cell phones that do not offer the same tools as smartphones.

The malware was in the phones’ firmware, but the researcher was unable to confirm whether the malicious code was added by the manufacturers or by the supplier of the firmware. Another possibility raised is that they were installed during the transportation of the devices.

After the publication of the report, the manufacturer of the DEXP model launched a recall campaign, offering customers the opportunity to exchange their cell phone for a new one or request a refund of the amount paid. The other companies have not yet commented.


Source: TecMundo


You might also like

More Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.