Cheap Samsung Galaxy S4 knock-off ships with spyware sending data back to China

Security researchers warn that customers should view cheap, imitation devices selling at low costs with scepticism

James Vincent@jjvincent
Wednesday 18 June 2014 16:56

Security researchers in Germany have reported that a brand of cheap Chinese smartphones is being shipped to customers preloaded with malicious spyware.

Berlin-based G Data said that a smartphone known as the Star N9500 (a rough approximation of Samsung’s popular Galaxy S4) includes code that can retrieve a range of personal data and even remotely control the device’s camera and microphone before sending the information back to servers in China.

"The possibilities with this spy program are almost limitless. Online criminals get full access to the smartphone,” said G Data’s product manager Christian Geschkat on the company’s website.

The spying functions of the device are built into the smartphone’s Android-based firmware (a basic level of software that cannot usually be accessed by consumers) and utilise a Trojan known as Uupay.D. The malicious code also blocks security updates to the phone - preventing the malware from being removed by Google.

The phone is available to buy on many Western website including Amazon and Ebay. It costs roughly £100 and offers attractive technical specs including a 5-inch screen and quad-core processor. Comparable devices from better known manufacturers can cost nearly three times as much.

Update: Ebay has now removed the Star N9500 from its site, saying “Due to reports that some Star 9500 smartphones are loaded with spyware, eBay is not allowing the sale of these devices as a precautionary measure.”

“Particularly good online deals sound enticing but should make buyers suspicious,” said Geschkat. “No one gives anything away.”

With Chinese factories able to cheaply and quickly churn out knock-offs of well known smartphone brands, security experts says incidents like this could become increasingly more common.

"The question is this," writes secuirty veteran Graham Cluley on his blog. "Did the manufacturers of this Android smartphone deliberately plant malware on its devices, or did something go badly wrong on their production line which allowed the malware to sneak its way onboard?"

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments