Tuesday, March 2, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Malware found preinstalled on some Alcatel smartphones

January 10, 2019
in Internet Security
Malware found preinstalled on some Alcatel smartphones
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Image: Alcatel

A weather app that comes preinstalled on Alcatel smartphones contained malware that surreptitiously subscribed device owners to premium phone numbers behind their backs.

The app, named “Weather Forecast-World Weather Accurate Radar,” was developed by TCL Corporation, a Chinese electronics company that among other things owns the Alcatel, BlackBerry, and Palm brands.

You might also like

Scientists have built this ultrafast laser-powered random number generator

SolarWinds security fiasco may have started with simple password blunders

Singapore eyes more cameras, technology to boost law enforcement

The app is one of the default apps that TCL installs on Alcatel smartphones, but it was also made available on the Play Store for all Android users –where it had been downloaded and installed more than ten million times.

But at one point last year, both the app included on some Alcatel devices and the one that was available on the Play Store were compromised with malware. How the malware was added to the app is unclear. TCL has not responded to phone calls requesting comment made by ZDNet this week.

App caused financial losses to users

The infection came to light last summer, when Upstream, a UK-based mobile security firm, discovered suspicious traffic originating from the smartphones of some of its customers.

In a report published this week and shared with ZDNet, the company says it initially detected that the app was harvesting users’ data and sending it to a server in China. The app collected geographic locations, email addresses, and IMEI codes, which it sent back to TCL.

But this weather app isn’t the only suspicious app with intrusive permissions that collects data and sends it back to China. There are plenty of those around already.

Upstream devs also found that in certain regions, the malicious code hidden inside the app would also attempt to subscribe users to premium phone numbers that incurred large charges on users’ phone bills.

  • In Brazil, 2.5 million transaction attempts initiated from this Weather application on Alcatel devices were blocked in July and August 2018. Those 2.5 million transaction attempts to purchase a digital service originated from 128,845 unique mobile phone numbers.
  • In Brazil again but for another premium digital service, 428,291 transaction attempts initiated from this Weather application on Alcatel devices were blocked in July and August 2018.
  • In Kuwait, 78,940 transactions attempts initiated from Alcatel devices were blocked in July and August 2018.
  • Transaction attempts initiated by this Weather application on Alcatel devices were also blocked in Nigeria, South Africa, Egypt, and Tunisia.

All in all, the company says it detected and blocked over 27 million transaction attempts across seven markets, which would have created losses of around $1.5 million to phone owners if they hadn’t been blocked.

On top of these transactions, Upstream devs also spotted adware-like behavior that originated from an infected phone they’ve purchased from its former owner.

The weather app, which ran in the phone’s background, also started hidden browser windows that loaded web pages and clicked on ads. “We recorded 50MB to 250MB of data per day being consumed by the application’s unwanted activity,” researchers said.

This means that on top of driving up phone bills by subscribing users to premium numbers, the app was also most likely depleting internet access data plans, incurring even more financial losses to victims.

Two Alcatel smartphone models mainly affected

According to Upstream, most of the behavior they’ve seen originated only from two types of smartphones, Pixi 4 and A3 Max models. However, the company doesn’t have a worldwide view into infected devices, and many more could still be infected, especially users who downloaded the app from the Play Store.

Google has removed the app (com.tct.weather) from the Play Store after Upstream worked with Wall Street Journal reporters to notify both TCL and Google.

The point of the compromise doesn’t appear to be with some shady phone supplier or rogue telecom provider in any of the affected countries, mainly because both the preinstalled and Play Store apps were affected in the same way.

The source of the infection appears to be a TCL developer who had his system compromised, although this is only a theory.

“The suspicious activity stopped after the WSJ contacted TCL,” an Upstream spokesperson told ZDNet yesterday via email, “although the data collection continued.”

Upstream told ZDNet that it’s currently working with TCL on investigating the issue further. The company also said they didn’t analyze the other apps uploaded on the Play Store from the same TCL account, but they didn’t find any suspicious activity originating from them either.

mie-alcatel.support account on Google Play

mie-alcatel.support account on Google Play


Image: Upstream

More security news:

Credit: Source link

Previous Post

New KickAss Torrents (KAT) ~ 2019 Best Torrent Sites (Working)

Next Post

5 things you didn't know about ...: Java 10

Related Posts

Scientists have built this ultrafast laser-powered random number generator
Internet Security

Scientists have built this ultrafast laser-powered random number generator

March 2, 2021
SolarWinds security fiasco may have started with simple password blunders
Internet Security

SolarWinds security fiasco may have started with simple password blunders

March 2, 2021
Singapore eyes more cameras, technology to boost law enforcement
Internet Security

Singapore eyes more cameras, technology to boost law enforcement

March 2, 2021
Free cybersecurity tool aims to help smaller businesses stay safer online
Internet Security

Free cybersecurity tool aims to help smaller businesses stay safer online

March 2, 2021
Judge approves $650m settlement for Facebook users in privacy, biometrics lawsuit
Internet Security

Judge approves $650m settlement for Facebook users in privacy, biometrics lawsuit

March 1, 2021
Next Post
5 things you didn’t know about…: MicroProfile 1.3

5 things you didn't know about ...: Java 10

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

The case for Bayesian Learning in mining
Machine Learning

The case for Bayesian Learning in mining

March 2, 2021
Scientists have built this ultrafast laser-powered random number generator
Internet Security

Scientists have built this ultrafast laser-powered random number generator

March 2, 2021
Companies in the Global Data Science Platforms Resorting to Product Innovation to Stay Ahead in the Game
Data Science

Companies in the Global Data Science Platforms Resorting to Product Innovation to Stay Ahead in the Game

March 2, 2021
Aries becomes next Hyperledger project graduating to active status
Blockchain

Aries becomes next Hyperledger project graduating to active status

March 2, 2021
Government trialling machine learning tech to detect pests at shipping ports
Machine Learning

Government trialling machine learning tech to detect pests at shipping ports

March 2, 2021
Data Annotation Service: a Potential and Problematic Industry Behind AI | by ByteBridge
Neural Networks

Data Annotation Service: a Potential and Problematic Industry Behind AI | by ByteBridge

March 2, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • The case for Bayesian Learning in mining March 2, 2021
  • Scientists have built this ultrafast laser-powered random number generator March 2, 2021
  • Companies in the Global Data Science Platforms Resorting to Product Innovation to Stay Ahead in the Game March 2, 2021
  • Aries becomes next Hyperledger project graduating to active status March 2, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates