Bought a brand-new phone? It could still have malware

New phones are being tampered with before they hit the market

A new phone is supposed to be a clean slate. But alarmingly, that's not always the case.

Security company G Data has identified more than 20 mobile phones that have malware installed despite being marketed as new, according to a research report. And it doesn't appear the infection is occurring during manufacturing.

"Somebody is unlocking the phone and putting the malware on there and relocking the phone," said Andy Hayter, security evangelist for G Data.

Many of the suspect phones are sold in Asia and Europe through third parties or middleman and aren't coming directly from the manufacturers, Hayter said.

Brands of affected phones include Xiaomi, Huawei, Lenovo, Alps, ConCorde, DJC, Sesonn and Xido.

G Data has contacted some manufacturers, including Lenovo, whose S860 Android smartphone in one instance was found to have the malware.

Ray Gorman, Lenovo's executive director of external communications, wrote in an email that the device G Data analyzed came from a third-party marketplace. The malware was installed by middlemen, he wrote.

"This is the only such occurrence we have been made aware of," Gorman wrote. "We always recommend customers transact with authorized distribution channels and only accept merchandise that comes in an official box with original factory seals."

The malware is embedded in a legitimate app, such as Facebook, which is sometimes preinstalled on phones, Hayter said. It can read and send text messages, install other apps, collect and change call data, grab location information, record phone calls or send premium SMSes, according to G Data's report.

It's impossible for consumers to remove since it resides inside the phone's firmware.

"You can't take it off there unless you unlock the phone," Hayter said.

G Data was alerted to the problem after receiving support calls from users who said a file had been quarantined but that it couldn't be removed.

The problem has been around for a while. In June 2014, G Data said it found malware in the firmware of a relatively inexpensive Android device made by the Chinese manufacturer Star.

The company's analysts bought Star's N9500 and found malware that purported to be an app for Google's Play Store. The malware, they found, could not be deleted.

In early 2014, Marble Security found malware embedded within Netflix's app that had been preinstalled on six mobile devices made by Samsung Electronics.

That malware grabbed credit card information and passwords and sent it to a server in Russia.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags mobilitysecuritysmartphonesmalware

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?