When we purchase a new phone, we often view our new devices as a clean slate — a fresh start.
However, don’t be so sure that brand-new smartphone you just bought is as clean as you think.
According to a Sept. 1 ComputerWorld.com article, a recent study has found that more than 20 types of mobile phones have malware installed, despite being marketed and sold as new.
The study, conducted by security company G Data, revealed that these infections aren’t taking place during manufacturing. Rather, rogue retailers are installing the malware on the phones before selling them to unsuspecting customers.
“Somebody is unlocking the phone and putting the malware on there and relocking the phone,” explained Andy Hayter of G Data.
Brands of infected phones included Xiaomi, Huawei, Lenovo, Alps, ConCorde, DJC, Sesonn and Xido. Typically, the middleman will install the malware on an app like Facebook, which sometimes comes pre-installed on phones. The malware is then able to send messages, install other apps, collect personal information and even record calls made from the phone.
It’s hardly surprising news, given that there are approximately 82,000 new malware threats per day. Yet we often consider our smartphones as being immune to such threats, which makes it much easier for people to become victims of malicious software.
And since the malware is installed into the phone’s firmware, it’s impossible for users to remove it themselves. Uninstalling the hardware requires unlocking the phone.
This isn’t exactly a new problem. About a year ago, G Data discovered malware on smartphones from Chinese manufacturer Star, ITProPortal.com reported. Additionally, Marble Security found similar malware pre-installed in the Netflix app on Samsung smartphones. This malware was actually able to collect users’ credit card information and send it to a Russian server.
Fortunately for U.S. smartphone users, most of the infected phones are sold throughout Europe and Asia. Additionally, all the infected phones that G Data discovered used the Android operating system — not Apple’s iOS.