Malware has been found by a research firm on a cloned smartphone of Samsung’s popular S4 handset. Unbeknownst to buyers, the phones were found to be transmitting personal info to an unidentified server in China.
For years Chinese manufacturers have capitalized on the popularity of handsets produced by Samsung, Apple and other top manufacturers, releasing models that mimic their looks and reproduce many of their features, but which are sold for far less money.
According to German research firm G Data, the Star N9500, a widely available clone of Samsung’s flagship Galaxy S4, come bundled with a nasty surprise in the form of malware which harvests a user’s personal data, blocks the Android operating system’s routine security updates, and appears to beam information to a secret server in China.
A post detailing analysis of the smartphone by G Data outlines the various ways in which the N9500 could compromise unsuspecting users.
“It is not possible to remove the manipulated app and the spyware since they are integrated into the firmware. Large online retailers are still selling the Android device at prices ranging from 130 to 165 euros and distributing it across Europe.”
"The intercepted data is sent to an anonymous server in China," says Christian Geschkat. "It is not possible to find out who ends up receiving and using the data."
Though largely unknown in the US market, where handset sales are still largely dominated by carriers, Chinese clones are widely available throughout Asia and Europe, where models are made attractive by comparable features and looks (though often inferior build quality) to leading brands.
Malware is largely controlled within Apple’s Iphone app ecosystem save for “jailbroken” devices with access to third-party apps, though it is far more prevalent amongst smartphones operating on Android. According to G Data, 1.2 million new malware programs appeared last year within the Android ecosystem, and many more are expected in the future.
The N9500 appears to be one of the first instances of a phone shipping out with built-in malware. Moreover, analysts at G Data believe the manufacturer of the smartphones is aware of the malicious software. As similar quad-core processor devices can cost up to three times as much, they believe the low cost is being subsidized by selling the personal data stolen from the handsets.
Unfortunately, for anyone who has been ensnared by the N9500’s siren song, G Data's research comes too late. For anyone still unaware of their warning and still operating the handset, their only warning will be a running app visible only by digging through the device's background app query.
Buyers of smartphone "clones" should therefore be wary when they are presented with a deal which may seem too good to be true, and dig deeper into the manufacturer's track record.