Android phones are now being sold with pre-installed malware

Android has a well-earned reputation for malware issues, despite Google’s efforts to keep its Play Store free of rogue apps. But there are many dark corners of Android where malware continues to thrive, particularly on independent app stores that do little or nothing to keep such apps at bay.

Security advisors are constantly reminding users to be cautious of what they install on their devices, but it seems that even that advice is no longer sufficient. German security firm G DATA issued a release this week warning that Android handsets were being sold via numerous outlets, including major online stores such as eBay and Amazon, “with extensive spyware straight from the factory.”

It may look like a Galaxy S4, but this cheap Chinese knock-off is loaded with malware

The Star 9500 - available under several variations of that name - bears a striking a similarity to the Galaxy S4, which is known also by its Samsung model number, i9500. G DATA reported that the Star 9500 is being sold preloaded with a Trojan, known as Uupay.D. Unlike most malware, it is not simply an app that can be uninstalled from the device; rather, the Trojan is baked into the firmware, disguised as the legitimate Google Play Store, and cannot be be simply extricated from the device's OS.

According to G DATA’s Christian Geschkat, “the options with this spy program are nearly unlimited. Online criminals have full access to the smartphone.” The firm’s security specialists have determined that spyware running in the background on each device has been sending personal data to a Chinese server.


The problem of malware on Android is something of a running joke for some - but it's no laughing matter

Personal data – including passwords, banking details, and contacts – along with the content of emails and text messages are all remotely accessible by the server, and even a user’s calls can be intercepted. The camera and microphone can be activated without the user’s knowledge too, while the software also blocks installation of security updates.

Researchers at the firm have so far been unable to determine who is harvesting the data. “The intercepted data is sent to an anonymous server in China,” Geschkat said. “It is not possible to find out who ends up receiving and using the data.”

Numerous retailers and online marketplaces have been selling the device, with an unknown number having been purchased already across Europe for around €150 EUR (around $204 USD / £120 GBP). That’s not a bad price for the uneducated buyer, given the handset’s specs, which includes a quad-core processor, 5-inch HD display, 8GB of storage and a 12MP camera, along with a range of free accessories, such as an additional battery, car charger and a cover.

BBC News reports that eBay has now removed the device from its listings worldwide. A spokesperson said: “Due to reports that some Star 9500 smartphones are loaded with spyware, eBay is not allowing the sale of these devices as a precautionary measure.” 

The device is still available to purchase from sites such as Amazon

Other retailers are still catching up, however. At time of publication, the device remains available from multiple third-party sellers on Amazon Marketplace, with some even being shipped by Amazon itself from its warehouses. In the UK, the device is available on Amazon for as little as £85 ($145 / €106), where it is being sold as the 'BW Star S9500'.

Geschkat said that many buyers will have been seduced by the low price of the device, but believes that those behind the malware have been profiting considerably from the sale of the stolen data and user information. His final words on the matter remind us all that when something seems too good to be true, it often is: “In general, particularly cheap offers online that seem tempting should make buyers suspicious. There’s no such thing as a free lunch.”

Source: G DATA / BBC News 

Report a problem with article
Previous Story

Earin: A minimalists wireless Bluetooth earbuds

Next Story

Nokia was blackmailed many times over the years - and usually paid up

65 Comments

Commenting is disabled on this article.

LauRoman said,
Why aren't you also reporting on the Windows laptops sold with malware?

Because it is a sensationalist piece designed to generate clicks. You get far more clicks to say Android phones are sold with malware, than Chinese knock-off android phones are sold with malware. The latter is more accurate, but tells the whole story in the title.

warwagon said,
I always thought when people bought a phone on eBay they just flash a costume rom on it right away. That's what I do.

Deep down even phones love a bit of cosplay :p

Yeah, some guys poor grandma that's on a fixed income gets duped into buying one off of eBay. The very first thing she does is flash a rom on it......

So for the two main players in the field, you have pros and cons for both.

Android - Mostly complete freedom to do what you want with the software and programs.
Apple - Locked out root, strict app requirements.

There's always a tradeoff. Yes, the Android gives you a bit more freedom as to what you can do with the device including some apps that Apple wont touch, but on the other hand, Apple devices straight out the box are pretty secure to the average Joe, but with more restriction on what apps can/can't be used.

Google and Android aren't to blame for this. It's the phone manufacturers.
Just like Microsoft is not to blame for pre-installed crapware on your new notebook.

Bamsebjørn said,
Google and Android aren't to blame for this. It's the phone manufacturers.
Just like Microsoft is not to blame for pre-installed crapware on your new notebook.

This. Also this isn't really "news", as it is wide know in XDA since August 2013...

megalosdog said,
It is googles fault, for giving the OS and letting anybody do anything with it. Its called fragmentation.

Clearly you don't know what fragmentation means.

I'm sorry but if you're being cheap by buying a phone from Mr_Grey_Imports* with a feedback of 32, you probably deserve to have spyware on your phone.


* Not his/her actual name. :p

Sadly true.

But I think it boils down to buying a phone from a well-known reputable buyer. This is true for all computing equipment - not just phones that run Android.

why should you have to replace the OS? It should work straight out the box without malware. The OS shouldn't allow malware to be integrated like this in the first place.

Yazoo said,
why should you have to replace the OS? It should work straight out the box without malware. The OS shouldn't allow malware to be integrated like this in the first place.

The whole idea behind Android was that you should be able to modify it however you like. And with that freedom, you also have the freedom to embed malware.

The OS doesn't have a say in how you are to develop it. Simple as that.

Yazoo said,
The OS shouldn't allow malware to be integrated like this in the first place.

Open source software does not limit programmers what to put in it before compile time. And this malware technically does not behave any different than PlayStore does (except that it send's more text data across TCP connection) so even in this hypothetical case that you suggest, OS would not be able to recognize this.

Yazoo said,
why should you have to replace the OS? It should work straight out the box without malware. The OS shouldn't allow malware to be integrated like this in the first place.

What??? Anyone can install malware on any device with any OS then sell it.

01Michael10 said,

What??? Anyone can install malware on any device with any OS then sell it.

really? why is it that this only happens with the Android OS then?

Absolutely false, only android can be preloaded with trash, because it is trash. Any manufacturer can load it on any pos hardware and sell it, not the case with windows phone or ios.

Yazoo said,

really? why is it that this only happens with the Android OS then?

There is a difference in installing malware and integrating malware into the system. The former can be done with any OS (although it doesn't happen with iOS because only Apple sells it, and WP because Microsoft has some requirements OEMs must comply with). The latter can only be done with Android, because that's the only OS which is open-source.

megalosdog said,
Absolutely false, only android can be preloaded with trash, because it is trash. Any manufacturer can load it on any pos hardware and sell it, not the case with windows phone or ios.

This has nothing to do with Android being "trash" or not. The reason malware can be integrated in Android is because it's open-source, and open-source doesn't mean it is trash.

megalosdog said,
"open source" is a nicer way of putting it.....I still say trash.

It's just stupid to claim that open-source equals trash. There is plenty of good open-source software, of which I am sure you use at least one piece of software.

android phones are the cheapest type of smartphones, ive had two and the experience is horrible - they hang, have to be frequently restarted to clear the cache, i have to factory reset it regularly as well, about twice a month and install as few apps as possible

android was also the next big thing after iphone, it even got bigger, but the quality of the product is awuful, its just like (prebuilt) windows PCs and laptops you buy from everywhere - the problem doesnt always lie in the OS, but in the hardware components

What device were you using?

I've had an HTC Desire running 2.x, a Samsung Galaxy S2 running 3.x and now have a Z1 running 4.x I also have a Nexus 7 running 4.x and I've not experienced any issues where I've had to restart, clear cache, factory set etc...

Let me guess: you bought a phone from China, or something under $100 AUD?

My HTC runs perfectly.

'You get what you pay for.'

spikey_richie said,
What device were you using?

I've had an HTC Desire running 2.x, a Samsung Galaxy S2 running 3.x and now have a Z1 running 4.x I also have a Nexus 7 running 4.x and I've not experienced any issues where I've had to restart, clear cache, factory set etc...

68k said,
Let me guess: you bought a phone from China, or something under $100 AUD?

My HTC runs perfectly.

'You get what you pay for.'

android is so overrated already, i didnt even like it after about an year of android, it felt kinda unpolished... sure it has probably the largest app store, but quantity over quality just doesnt cut it, there were so many cheapass apps and games that were so ugly and pathetic, and there was one premium game called Lep's World 3, which is a platformer much like Super Mario Bros, and this one game (just the third one) was so blurry on my phone, it didnt make sense, because the two previous game were just fine, on the screenshots in the app store it also looked sharp and smooth.... such a joke

people are saying that apple has the best quality devices, but im not spending this much money on a phone that i dont even like how it looks like

until this morning i had a huawei ascend p1, which exploded :D

it costed roughly $300 USD or 450лв BGN last May when i got it

soon i will get me a lumia 630

Edited by Allwynd, Jun 19 2014, 11:38am :

Andriod is open source OS, that can be used to make great quality phones that run smooth, or be installed sub par hardware, with bad software implementation making a paper weight more useful. Andriod devices come in all shapes and sizes, and some are not even phones.

Apple. Google, and Microsoft all have there advantages and disadvantages. I prefer Android for it's openness and customization ability, something locked down on Apple and Microsoft.

Microsoft has a fast, fluid highly optimized OS (so it runs great on slower hardware, you won't even notice) however has a very poor app store selection.

Apple responsible for what we know as smart phones now. Great app selection, and well designed products. There not so much on the cutting / innovation edge, but I don't see that as a negative against them.

Nothing wrong with getting a Lumia, do your homework and get the phone you want for your reason. That being said, I love my Galaxy S4 running Cyangenmod.

'huawei' - that's the problem. Try a HTC or Samsung device in the store (you'll see much more polish, in both hardware and software). I wouldn't consider any other brand (regarding Android - excluding makers of Google Nexus phones).

I also plan to replace my Android device with a Windows Phone soon (most likely Lumia 630 too). A good quality camera is critical for me though; hopefully the 630's is as good as a SII's.

Edited by 68k, Jun 19 2014, 1:01pm :

People here really haven't got a clue what they're talking about, they buy cheap phones and expect them to do the same thing as expensive phones. I personally own a Nexus 5 and it's an incredibly slick smartphone.

spikey_richie said,
What device were you using?

I've had an HTC Desire running 2.x, a Samsung Galaxy S2 running 3.x and now have a Z1 running 4.x I also have a Nexus 7 running 4.x and I've not experienced any issues where I've had to restart, clear cache, factory set etc...

Some people just buy the cheap crap and expect it to be a diamond. Just ignore the OPs drivel.

68k said,
'huawei' - that's the problem. Try a HTC or Samsung device in the store (you'll see much more polish, in both hardware and software). I wouldn't consider any other brand (regarding Android - excluding makers of Google Nexus phones).

I also plan to replace my Android device with a Windows Phone soon (most likely Lumia 630 too). A good quality camera is critical for me though; hopefully the 630's is as good as a SII's.


no way im getting another android, im just bored with how it looks and works, i want a change

i dont take any photos at all, or just very rarely, so i dont care if its 5mp camera an no flash, its perfect for me

If you expect 100 buck phones to do the same things as 700 buck phones, I'd suggest wising up as a consumer before buying anything because you clearly don't understand how technology works.

Javik said,
If you expect 100 buck phones to do the same things as 700 buck phones, I'd suggest wising up as a consumer before buying anything because you clearly don't understand how technology works.

how is 300 buck 100 buck? does it have anything to do with abstract thinking?

Odd, I have owned three Android phones over the years (Droid X, Galaxy Nexus, and Nexus 5) and I have had none of the issues you state.

Thinking you just got lemon hardware or maybe it's merely user error?

Allwynd said,

no way im getting another android, im just bored with how it looks and works, i want a change

Huh??? If you get bored with the look of a phone after a couple of months then a Android phone is the one you want to get... Nothing can touch Android if you want to customize/replace the keyboard, launcher, icons, fonts, or themes.

01Michael10 said,

Huh??? If you get bored with the look of a phone after a couple of months then a Android phone is the one you want to get... Nothing can touch Android if you want to customize/replace the keyboard, launcher, icons, fonts, or themes.

you cant replace everything, especially if your phone isnt rooted and not every phone is easy to root without bricking it

i wont bother customizing my phone, because it every extra component installed means more memory being taken, pretty useless, besides you cant change the settings screen or the notifications bar, actually you can change the bar, but there are only ugly replacements that lack functionality

Yeah, well I've paid premium price for many android phones from vzw in the past. Guest what? They all had problems, not so with my Windows Phone or iPhone.

I think there's a bit of confusion on this, I read on BBC it's 'un-removable' - OK so maybe it's un-removable for the majority of people that'd buy/use the phone, but I'm pretty sure reflashing with something like cynagenmod would fix it?

...yeah, xda/cm team is full of folks with this pos phone ready to waste time on it (compile and test it) and i am sure that the original firm has released full kernel sources for it. /s

n_K said,
I think there's a bit of confusion on this, I read on BBC it's 'un-removable' - OK so maybe it's un-removable for the majority of people that'd buy/use the phone, but I'm pretty sure reflashing with something like cynagenmod would fix it?

Possible if there was a ROM for it. There is a ROOT for the Star 9500 so it is possible to remove it.

I read about the reviews in Amazon.. Users experiencing visible malware (Chinese ads, pop ups, unauthorized apps installed) activities right from the first boot up..

So it was not a silent attack, who ever planned it, or tried to do it clearly paid no attention towards hiding their motives !!!

You really dont have to G DATA to figure this out, at-least with this handset only and indeed, at-least every one I know who buy these cheap device, goes for the custom roms straight away..

Luckily, here in India, after having local brands like XOLO, Micromax and Karbon, need for unbranded Chinese product isn't really high :p

Must be the same reason Windows is popular on the desktop then, coz I get a ton of crap pre-installed that I didn't ask for when buying a new PC.

megalosdog said,
There's a major difference between a few preinstalled programs and the malware in this article.

Give the average user 1 day, and their windows PC will be full of more malware than these Chinese knock-offs ship with.

megalosdog said,
That's ######, I've had my sp2 for awhile, (amongst many other computers) and haven't seen a trace of any kind of malware.

Are you an average user?

Didn't think so.