By Chris Smith From BGR

Android’s malware problem has taken a new twist, as such apps now come bundled with certain phones. Instead of creating apps that can pack hidden, malicious capabilities, some device makers in China are apparently ready to ship smartphones with built-in malware. Such is the case with the Star N9500, a Galaxy S4 clone from China, which comes with a Trojan on board masquerading as the Google Play Store, German publication Heise reports.

Uupay.D is the Trojan in question, and it can collect and copy personal information from the phone. The program will even turn on the microphone to monitor phone calls and conversations that take place in the proximity of the phone.

The Trojan can also send text messages to premium services without the user’s consent.

The Star N9500 sells for just $217 in the region, so it’s a very affordable device. G Data researchers speculate that the price is “subsidized” by its advanced malware features, which can generate additional profits for its makers.

G Data has confirmed that the malicious code is factory installed. Furthermore, because it’s part of the firmware, the Trojan is rather difficult to remove. According to the researchers, the Star N9500 is the first phone that “comes from a factory with an extensive espionage program” on board, although Uupay.D predecessors with similar powers have been found on Android devices in China in the past.

PHOTO: MOBILE Galaxy S4 Clone with Malware

For more on this story go to: http://bgr.com/2014/06/17/galaxy-s4-clone-with-malware/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheBoyGeniusReport+%28BGR+%7C+Boy+Genius+Report%29

 

Related story:

Malware ships pre-installed on ‘Star’ Android phone

By Ryan Whitman From GEEK

Security researchers will sound the alarm every now and then when a new piece of Android malware is discovered. It’s usually nothing regular users need to worry about, but this time it’s a bit more troubling. The newly discovered Android trojan isn’t lurking around shady Chinese app stores, it’s pre-installed on a low-cost phone for sale on sites like Amazon. You don’t even have to go to the hassle of installing the malware yourself — now that’s convenience.

The device is a generic piece of hardware manufactured by a Chinese ODM calling itself Star. The branding on the 3G dual-SIM device says “Skaynet,” which is just a little too close to Skynet for my liking. The N9500 looks like a fairly good deal, at least on the surface. It has a quad-core Mediatek processor, 1GB of RAM, and a 5-inch 720p screen. It bears a vague resemblance to any number of Samsung devices thanks to the oblong home button.

This device runs Android 4.2, and the product image clearly shows the Play Store icon on the home screen, but it’s not actually Google-certified. In fact, there are no Google apps on the device at all. The “Play Store” client is actually the malware in disguise. Dubbed Android.Trojan.Uupay.D, the spyware runs in the background and pipes user data back to a server in China.

The trojan has access to almost all aspects of the device including email, text input, the camera, and browser data. It also has the ability to install new apps remotely, making it infinitely dangerous. So can you just buy the phone and uninstall the malware? Probably not — it’s built into the ROM, making in a permanent fixture of the device without gaining root access.

Despite the nasty nature of this malware-infested device, it’s still for sale on Amazon in the US and Europe for around $160 (seriously, don’t buy this). Presumably it will be pulled soon.

For more on this story go to: http://www.geek.com/android/malware-ships-pre-installed-on-star-android-phone-1597098/