Chinese low-cost mobile phones were sold with a virus that uses the data package and steals money through paid services contracted without the users' knowledge.
The most serious case happened on the smartphone Tecno W2, which was sold largely in African countries, including Angola. According to user reports, the device had malware Triada and xHelper pre-installed at the factory. This caused economic losses and not even a software restoration solved the problem.
The cases were recorded in the Africa South, Ethiopia, Cameroon, Egypt and Ghana, in addition to Indonesia and Birmânia.
Users claim that Tecno W2 drew attention for its good specifications and low cost. However, the “headache” started as soon as the consumer made the first login. Two preinstalled malware silently downloaded applications that consumed data deductibles and used user information to subscribe to paid services without their consent.
According to Secure-D security company, 844 fraudulent transactions were blocked between March and December 2019. Already Geoffrey Cleaves, the managing director of Transsion, a mobile phone manufacturer based in Shenzhen, China, says the company accounts for only 4% of user traffic in Africa, but accounts for more than 18% of all suspicious clicks on the continent.
Transsion has assigned responsibility for malicious malware to an unidentified supplier in the supply chain process. She also said she made corrections to Triada in March 2018 and xHelper in late 2019, which does not seem to have worked, as Secure-D guarantees to have blocked the programs until April 2020.
Concretely, the two malwares concerned, they downloaded applications silently, subscribing to paid services without the consent of the user, who later came across unexpected bills and excessive use of data packages.