One of the biggest threats to the Android platform is malware. Earlier this year a report was released that showed the platform to be the target of 97% of all mobile malware in 2013. This is a significant increase from its record of 79% from the previous year. Most of the time malware enters an Android device through apps installed from unofficial sources. However, a new method has been discovered for this threat to infect a device and it is done from the factory.
The Star N9500, a popular Galaxy S4 clone in China, comes pre-installed with the Uupay.D trojan straight out of the factory. The Trojan disguises itself as a Google Play service but then collects data from the device without restrictions. It can record phone conversations without the user knowing about it. The microphone of the device can be activated remotely so that anyone can listen to conversations within range of the phone. It also sends out SMS to premium services which leads to a higher bill for the user.
German Tech website Heise reports that security researchers from G Data made the discovery saying that this is the first smartphone that “comes from the factory with an extensive espionage program“. The bad news is that it appears that this trojan has been pre-installed in Chinese smartphones as early as March when Kaspersky reported that devices which came with the Goohi service also had the Uupay.D trojan.
Reports also say that the trojan is difficult to remove from the Star N9500 as it is included in the firmware of the device itself. One method that totally removes this malware is by using another ROM on the device but then this requires knowledge on rooting and flashing.
One member of the xda-developer forum said that he ran an antivirus scan on his newly received iNew i7000 Chinese Android smartphnoe and sure enough the Uupay.D trojan was detected. If this is going to be a growing trend then consumers will be avoiding unknown brands. Its already bad enough that most of these devices have low quality, now they even come with malware straight out of the box.
If you own the Star N9500 then try installing a mobile security app on it and have it run a scan on your device. To get rid of the malware you will need to root your device and use a custom ROM on it. The procedure for this can be found in several popular Android forums.