The Curious Case of a Chinese Smartphone with an Integrated Spyware

thumb (98)

When a smartphone as able as a Samsung Galaxy S4 becomes available for a price that makes the latter look iPhone-expensive, it’s only natural to assume that there’s got to be a catch somewhere. For Tianxing’s The Star N9500, the catch has turned out to be a pre-installed spyware — discovered by the Germany-based cyber-security firm — that has the ability to do some serious damage. There is a certain degree of suspense surrounding this discovery, as it’s hard to imagine that such a program was put in such a promising phone intentionally.

A Nifty Smartphone with a Dirty Secret

The Star N9500 sure has all the ingredients to earn itself a place in the league of elite phones. Not only does the Android-based phone come with enough muscle under the hood to run pretty much every app out there smoothly, courtesy of its quad-core processor, but it is also loaded with an 8-megapixel camera. Considering the modest price tag of under $200, this sure looks like a great deal. Unfortunately, the phone has a major security issue with it. After fielding various complaints related to Tianxing’s offering, cyber-security firm G Data ran a few tests on the phone, only to discover that it comes pre-installed with spyware, basically a Trojan malware called Usupay.D that was first discovered by Kaspersky Lab in early 2013. Embedded in the phone’s operating software, or in Google’s Play Store app to be more specific, the spyware sends phone identification and specification data to a server in China. Furthermore, it could also be used to manipulate the device remotely, like turning on the camera for instance. Of course, there are countless ways in which such an access can be abused and consequently pose a serious threat to security and privacy.

The Mystery Remains

The discovery of malware in a Chinese product that transmits data to a server in China is likely to be met with a lot of “Aha!” or “Caught red handed” type reaction, but G Data has refrained from jumping to any conclusions. The cyber-security firm says that there is hardly any conclusive evidence that the attacker and the server retrieving the stolen data are located in the same area. Furthermore, it is still not clear how the malware ended up becoming part of the phone’s firmware. It’s hard to imagine a company coming up with such an impressive device, only to ruin its chances of making an impact by planting a spyware in it. With Tianxing yet to comment on the issue, the issue continues to remain surrounded by suspense for now.

So What Now

It’s unfortunate to see Tianxing getting caught up in such a controversy. Such issues take a huge toll on the reputation of Chinese mobile manufacturers in the global market, leading to distrust among the masses which hinder their ability to give the likes of Apple, Samsung and LG a tough time. In order to capture a larger share of the global market, Chinese mobile manufacturers need to do more than just build a good phone and attach a modest price tag to it. They need to start attracting positive attention and earning trust by making their products more reliable and secure.

The discovery of a pre-loaded spyware in The Star N9500 is indeed unfortunate, considering how great the phone is. Since it is integrated into the software, it cannot simply be removed like any other app. Fortunately, there have hardly been any reports of anyone suffering at the hands of the gaping security flaw with the phone so far. Let’s just hope it stays this way until the manufacturer sorts out the issue.

Add a Comment

Your email address will not be published. Required fields are marked *

6 − three =