Xiaomi, Huawei and Lenovo smartphones sold by unauthorised dealers allegedly carry preinstalled spyware [UPDATED]

Updated on 10-Sep-2015
HIGHLIGHTS

26 smartphones, including the Xiaomi Mi 3, the Huawei G510, and the Lenovo G860, sold by third party and unauthorised dealers come with spyware pre-installed, leading to data theft

Specific smartphones from some of the leading brands have been found to come with spyware pre-installed. A study conducted by G Data, a security firm, showed that almost 26 different Android-powered smartphones came with malware already installed. This included smartphones from Xiaomi, Huawei and Lenovo. 

Three of the 26 phones found to be infected by malicious software were the Xiaomi Mi3, the Huawei G510, and the Lenovo G860. The researchers suspect that the spyware was installed by middlemen who modified the device software to steal user data and place their own advertisements to earn money. Christian Lueg, the spokesperson for G Data, said that they tried to find the source, but lost the trail in China.
 
The pre-installed spyware is disguised as popular Android apps, and cannot be removed without unlocking or rooting the device. The Android.Monitor.Gsyn.B app disguises itself as the Google Drive app, and its icon and app identifier are quite similar to the original's. The malware has the ability to listen to phone conversations, view and copy contacts, read SMS, listen to chats via messaging services like WhatsApp, and more. Another malicious app is Android.Trojan.Andup.D, which disguises itself as the Facebook app. The app functions the same as the normal app, but allows third-party access to the device without the user’s consent.

This is not the first time these companies have been accused of selling devices with malware installed. Xiaomi was accused of spying on personal user data through its smartphones. Last year, the Xiaomi Redmi Note was found sending photos and texts to a server located in Beijing. This further fueled speculation that the Chinese government was spying on overseas users.

In February this year, Lenovo was accused of selling Windows devices with a potentially unwanted program (PUP), the Superfish Visual Discovery browser add-on. The software embedded ads into search engine results without the user’s permission. It also had the potential to access or take control of SSL/TLS connections to websites. Lenovo had to apologise for the problem and posted a guide that allowed users to remove Superfish. Peter Hortensius, Chief Technology Officer for Lenovo, said, “We messed up badly here. We made a mistake. Our guys missed it. We’re not trying to hide from the issue — we’re owning it.”

UPDATE: Xiaomi has given an official statement, clarifying the presence of pre-installed spyware on its phones. The statement says, "The security report clearly states that middlemen are installing such malware and that manufacturers like Xiaomi are not at fault. Unauthorized retailers can inject malware into any device bought from an unofficial channel. This is why we strongly recommend buying Mi phones only through authorised channels such as Mi.com, Flipkart, Amazon or Snapdeal." Andy Hayter, security evangelist for G Data, has added, "Somebody is unlocking the phone and putting the malware on there and relocking the phone." Lenovo's official statement reads, "The malware was found on a single Lenovo phone that was bought through a third party marketplace and was contained in an app that was likely added by a middleman and could easily be removed from the device."

Source: TechWorm, G Data

Image source: GizChina

Shrey Pacheco

Writer, gamer, and hater of public transport.
