Malware-infested Xiaomi Mi 4 caught in the wild, looks genuine until deep inspection

A few days ago, mobile data security company Bluebox got their hands on a Xiaomi Mi 4 handset to run a few tests on it. Handsets built and sold in China rarely run a Google-certified version of the Android OS, which excludes them from Google services support and introduces a few vulnerabilities that can be, and often are, exploited by malicious folk. And a brand like Xiaomi, being quite popular in its homeland, is a prime target for hackers.

Bluebox's tests did indeed uncover more than a few worrisome items: an ad-pushing process; a mysterious app named Yt Service, whose developer package was named com.google.hfapservice even though the app has nothing to do with Google; a wide array of vulnerabilities; and conflicting build properties in the Android OS.

Additionally, Bluebox tested the authenticity of the Mi 4 unit it had in its hands by running Xiaomi's own verification app and by using CPU-Z to cross-reference the phone's hardware with the official specs. The general conclusion was that the device was a legitimate build that had been tampered with somewhere along the line between manufacturer and retailer.

Bluebox informed Xiaomi of its findings and, a few days later, the OEM replied and both companies joined efforts to figure out what was wrong with the unit. After numerous detailed pictures had been sent for analysis, and after the discovery of a hidden .apk folder on the phone's SD card, it became clear that the handset is a fake – a very, very good one at that.

The phone had all the stickers and labels in all the right places. According to the report, it looks physically like a genuine Mi 4, with some extremely minor build exceptions. It fooled CPU-Z and Xiaomi's AntiFake with cloned versions of those apps: stored secretly in the hidden .apk folder, a clone would activate whenever the user installed the genuine app on the device, replacing it. The counterfeit app would then report false data, making the phone appear genuine.
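Because anything running on a tampered phone can be swapped out, an inspector has to check artifacts pulled off the device rather than trust what an on-device app reports. As an added example (not code from the article or from Bluebox), the script below cross-checks a build.prop dump for the kind of "conflicting build properties" Bluebox found: Android generates ro.build.fingerprint from the other ro.* properties at build time, so the two must agree unless someone edited them by hand. The property names are standard Android keys; the sample values are constructed.

```python
# Added example, not from the article or Bluebox's report. Run against a dump
# obtained with `adb pull /system/build.prop` (or the output of `getprop`);
# the sample below is constructed and does not come from the device examined.
import re

# Fingerprint layout: brand/product/device:release/id/incremental:type/tags
FINGERPRINT_RE = re.compile(
    r"^(?P<brand>[^/]+)/(?P<product>[^/]+)/(?P<device>[^:]+):"
    r"(?P<release>[^/]+)/(?P<build_id>[^/]+)/(?P<incremental>[^:]+):"
    r"(?P<build_type>[^/]+)/(?P<tags>.+)$"
)
# Each fingerprint field and the stand-alone property it was generated from.
FIELD_TO_PROP = {
    "brand": "ro.product.brand", "product": "ro.product.name",
    "device": "ro.product.device", "release": "ro.build.version.release",
    "build_id": "ro.build.id", "incremental": "ro.build.version.incremental",
    "build_type": "ro.build.type", "tags": "ro.build.tags",
}

# Constructed sample: properties claim 4.4.4/KTU84P, fingerprint says 4.4.2/KOT49H.
SAMPLE_BUILD_PROP = """\
ro.product.brand=Xiaomi
ro.product.name=examplephone
ro.product.device=examplephone
ro.build.version.release=4.4.4
ro.build.id=KTU84P
ro.build.version.incremental=V6.0.0.0
ro.build.type=user
ro.build.tags=release-keys
ro.build.fingerprint=Xiaomi/examplephone/examplephone:4.4.2/KOT49H/V6.0.0.0:user/release-keys
"""


def parse_build_prop(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props


def find_conflicts(props):
    """Return (property, its value, fingerprint value) for every mismatch."""
    fingerprint = props.get("ro.build.fingerprint", "")
    match = FINGERPRINT_RE.match(fingerprint)
    if not match:  # a fingerprint that does not even parse is itself a red flag
        return [("ro.build.fingerprint", fingerprint, "<unparseable>")]
    return [(prop, props.get(prop, "<missing>"), match.group(field))
            for field, prop in FIELD_TO_PROP.items()
            if props.get(prop, "<missing>") != match.group(field)]
```

On the constructed sample, `find_conflicts(parse_build_prop(SAMPLE_BUILD_PROP))` reports the release and build-id mismatches; a clean dump returns an empty list.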

The bottom line? Well, if you have your heart set on a Xiaomi smartphone, your best bet is to buy from the company directly. Apparently, the “Apple of China” is now big enough to have near-identical, malware-infested copies of its handsets built and distributed around, so – heads up!
