Low-end Android phones come with malware in up-and-coming markets

Low-end Android phones come with malware in up-and-coming markets
People are already suspicious of cheap no-name Android devices, but it appears that in some countries that's more than justified.

The software developer Upstream Systems conducted an investigation, after their platform, Secure-D, used by mobile network operators to prevent online transaction fraud, detected unusual activity from specific devices mostly in Brazil and Myanmar. In Myanmar, the device is called "Smart 12 4G Super Star", while in Brazil it is the "Multilaser MS50s". Both phones most likely have the same manufacturer but are branded differently by the carriers.

The app responsible for the activity is called com.rock.gota, but for users checking their installed apps it shows as "Software Update" or "Mobile Care". It comes preinstalled and can't be uninstalled by users. The malware was attempting to connect to servers in Singapore that were traced back to Gmobi, a Chinese company that provides "performance-based ad platform" and other services including Firmware-Over-The-Air. Some manufacturers use third party software for their firmware updates, instead of Google's, which explains why the software found its way to the devices.

According to the report, the app is responsible for the following malicious activities:

  • Collecting and sending personal information such as: email, GPS location, device details and others 
  • Using the user's mobile data to access ads, generating false hits. This generates revenue for the owner of the app, without the advertiser actually receiving what they've paid for. 
  • Attempting fraudulent transactions and charges to the user's prepaid airtime. 

In developing markets, where cheap Android devices are sold the most, a lot of people rely on prepaid plans to have better control over their usage. The malware can quickly rack up charges and consume valuable data allowance. Making matters worse, customers using such devices are rarely tech savvy enough to even notice the suspicious behavior before it's too late.

The app was detected in more than 8 countries, all of which considered emerging mobile markets. Those countries often still lack strict regulations when it comes to carriers and phone manufacturers, which makes it almost impossible for users to seek requital.

While this may not directly concern you, it should serve as a reminder to be vigilant about the software you install on your devices and the permissions apps are requiring.

source: Upstream Systems via AndroidGuys



1. cmdacos

Posts: 4265; Member since: Nov 01, 2016

No kidding....

2. Zylam

Posts: 1817; Member since: Oct 20, 2010

Good ole secure Android.

7. piyath

Posts: 2445; Member since: Mar 23, 2012

This is one of many perks being an "open source" operating system. This is why the Android platform is defined as the crap of the crop in the smartphone industry. People in those poor countries buy very cheap Android phone to do their day to day activities because they are literary poor, they shouldn't be fooled like this.That's so wrong in so many levels. Google should wake the hell up and solve these crappy issues. They own the Android platform for God's sake.

8. E34V8

Posts: 109; Member since: Dec 16, 2011

Good ole secure iOS and iClod. Any leaks lately?

3. RebelwithoutaClue unregistered

Wonder if these phones come with Google apps pre-installed and are Google certified. I doubt they are and that's the downside of 'open source' OS-es.

5. afrohoxha

Posts: 264; Member since: Mar 13, 2014

It can be closed source and still have backdoors implemented by the OS provider. In fact, that's worse in terms of unusual activity detection. It's all a matter of whom you trust, regulations imposed or not, and how much concern you have on such issues.

4. TechNeck

Posts: 656; Member since: Aug 29, 2014

Not surprised since they come from no-name brands. I won't expect larger brands to have to deal with this.

6. Grey_zi

Posts: 1; Member since: Jul 10, 2018

I have one. Not the same unit as mentioned but it also has built in viruses in it. The phone was nice except for the annoying ads everywhere...and the apps installing itself on the phone. Like sometimes, i feel like someone else is in full control of my phone. I have to disable the built in apps because ads pop ups, consumes my data, and crashes other apps. Since i disable the browser and installed google chrome, the phone has been behaving better, but i still don't trust it with money transfers and stuff.

10. kotan24

Posts: 313; Member since: Oct 29, 2012

I thought it was a pretty well known fact...

11. cheetah2k

Posts: 2271; Member since: Jan 16, 2011

Just don't buy cheap sh1t phones FFS. Common sense applies - not that most people in here use it..

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.