Tecno, Alcatel, TCL Caught Stealing Mobile Balance & Information: Buzzfeed

Chinese smartphone OEMs are known for coming up with extraordinarily cheap yet reasonably spec-ed smartphones, especially for the relatively developing countries. Hence, sales of these smartphones in countries like Ethiopia, Cameroon, Egypt, Ghana, Indonesia, and Myanmar are pretty high.

However, according to a report from Buzzfeed News, these smartphones are being used to steal from some of the world’s poorest people. Tecno W2 phones prove as the latest example of how cheap Chinese smartphones take advantage of people who are not very proficient with new tech.

Recently, a Tecno W2 user from South Africa came forward explaining how the $30 Tecno W2 by the Chinese company Transsion was hogging its data and slapping him with paid subscriptions that he had never heard of.

Initially, the 41-year-old thought that it was his mistake, but later, an investigation from Secure-D, a mobile security service, proved that the software embedded in his phone right out of the box was draining his data while trying to steal his money. The smartphone was infected with xHelper and Triada, malware that secretly downloaded apps and attempted to subscribe him to paid services without his knowledge.

In 2019, Secure-D’s system, tasked to protect mobile carriers’ networks and customers against fraudulent transactions, blocked 844,000 transactions connected to preinstalled malware on Transsion phones. Talking about the recent issue, Secure-D Managing Director Geoffrey Cleaves said:

Imagine how quickly his data would disappear if the subscriptions were successful. Transsion traffic accounts for 4% of the users we see in Africa. Yet it contributes over 18% of all the suspicious clicks. Fraudster is able to take advantage of that desire for a low price by offering their [hardware or software] services, even at a loss, knowing that they can recover the costs through this ad fraud.

The same phone model was found infected with similar malware in Ethiopia, Cameroon, Egypt, Ghana, Indonesia, and Myanmar as well, but was not launched in Pakistan.

In response to the whole situation, Transsion issued a statement saying:

We have always attached great importance to consumers’ data security and product safety. Every single software installed on each device runs through a series of rigorous security checks, such as our own security scan platform, Google Play Protect, GMS BTS, and VirusTotal test.

Unfortunately, this is not something new. A similar preinstalled malware was previously found on Alcatel phones made by TCL Communication, a Chinese handset maker, in Brazil, Malaysia, and Nigeria. That is not it, people in the United States are also being exploited. Earlier this year, Malwarebytes, a security service, found preinstalled malware of Chinese origin in two phones offered to citizens with low incomes as part of the US government’s Lifeline program. This idea of Chinese phones extracting data and money from people living in poverty is being dubbed “digital colonialism.”

Luckily, no such cases have been reported in Pakistan.