China Facing Problems With Android Handsets & Pre-installed Trojans


It seems like the Chinese are always coming up with inventive ways to scam people, this time the people in their own country. Android is of course growing quickly globally, and China is no exception: with cheap hardware available there, the open-source Android OS is a natural choice.

The latest scam is a new generation of “money sucking mobiles”, which are basically Android handsets that steal the user’s credit by making covert calls or sending premium SMS. They do this very slowly so the user doesn’t notice. The scheme also enables the vendors to sell the handsets very cheaply, as they are essentially subsidized by the fraud.

The Chinese government is to crack down on “money sucking” mobiles: Android-based handsets that subsidise themselves by stealing from the customer’s account.

The crackdown aims to involve network operators, target retailers and ensure that selling handsets featuring pre-installed Trojans is explicitly illegal, according to the Google translation.

The idea is to set up a central unit to manage complaints, though it seems the scam has been going on long enough to build up considerable momentum.

The handsets concerned are sold cheaply, and generally unbranded, though some bear forged logos. Once they go into use the Android-based handsets start quietly sending text messages, or making a silent call or two. The transactions only incur a fee of about 20 pence (0.3USD) a time, in the hope the user will never notice, while the miscreant collects the termination fee or other premium charge.

It’s pretty shady, but not much different from the reports of US and UK consumers with branded network phones having all kinds of weird network charges which they can’t stop because the phones are loaded up with proprietary crapware (oh hello Vodafone, Orange, T-Mobile and so on).

It’s an interesting model for fraud, and honestly I think it will continue for a long time, as it’s unlikely the users of low-end Android devices will bother reading such tech news, and even if they did… what can they do about it? If they are really techy, of course, they can just root the phone and remove the malware themselves.

But for the rest of the unwashed masses, what options do they have? Not a lot really, apart from ditching the phone and buying another in the hope that it doesn’t come pre-installed with a trojan.


The amounts are small, but the idea is to collect it over a long period, enabling the handset to be sold very cheaply and thus feeding a virtuous circle that benefits everyone – except the poor sap who thought he was getting a cheap Android handset.

“I think the software industry lacks a better business model, they can only make these knock-off and money-sucking software in order to survive,” said Zhao Wei, CEO of Chinese security company Knownsec, according to PC World. “This is fast becoming an industry in itself.”

Manufacturers and network operators have a long history of preinstalling applications which they hope will rake in additional cash, much to the annoyance of users. Hiding them from the user is an obvious evolution of that idea, though hopefully a step too far for the bigger brands at least.

It does show that these handset and mobile software developers don’t really have a sustainable legitimate business model, partly because the competition in China is just so immense and partly because this kind of business can prosper.

Just look at Huawei now.

Source: The Register

Posted in: Legal Issues, Malware, Privacy



One Response to China Facing Problems With Android Handsets & Pre-installed Trojans

  1. Bogwitch January 17, 2011 at 11:16 am #

    The old adage remains true: If it looks too good to be true, it probably is.

    Although that could probably be updated to: If it looks too good to be true, it is.