China’s Tecno Sold Thousands Of Compromised Smartphones In Africa


Tecno, Africa’s most used smartphone, has been discovered with a certain malware that eats up mobile data and registers people for unwanted subscriptions.

The brand of Tecno W2 Smartphone was compromised in countries such as Ethiopia, Ghana, Cameroon and South Africa with the Triada malware that signs mobile users up to subscriptions without their permission, according to a report published this week in partnership with BuzzFeed.

Report also has it that the triada malware was first detected where it was pre-installed on thousands of low-cost Chinese phones two years after it was installed. Tecno Mobile responding to the situation said the problem “was an old and solved mobile security issue globally” for which it issued a fix in March 2018, in a statement to CNN Business,

How true is that?

Consumers continue to suffer data loss to unintended subscriptions as Secure D, the anti fraud that conducted the research, recorded 19.2 million suspicious transactions since March 2019 from over 200,000 unique devices.

This was what Geoffrey Cleaves, managing director, Secure D had to say in this regard; “The fact that the malware arrives pre-installed on handsets that are bought in their millions by typically low-income households tells you everything you need to know about what the industry is currently up against,”

“This particular threat takes advantage of those most vulnerable,” he added.

Tecno smartphones maker, China’s Transsion Holdings manufactures based in Shenzhen, puts the public in a dilemmatic state about the situation, following information that it doesn’t do business with China despite being based there. But it controls a huge part of the smartphone market in Africa (41% share) according to market research firm IDC. Transsion Holdings also manufactures Itel and Infinix smartphones for Africa.

Should there be cause for alarm?

Transsion blamed an “unidentified vendor in the supply chain process,” according to BuzzFeed.

Google, the search giant in a 2016 blog post also attributed the presence of Triada to the actions of third-party suppliers within the production process.

Triada malware installs a piece of code known as xHelper onto compromised devices, automatically subscribing users without their knowledge to services that consume pre-paid airtime — the only way to pay for digital products in many developing countries.

Now, this is more disturbing;

“The xHelper trojan persists across reboots, app removals and even factory resets, making it extremely difficult to deal with even for experienced professionals, let alone the average mobile user,” Secure-D, which is owned by mobile technology company Upstream, said in a statement.

However, there may be no cause for panic as no signs of Triada malware were found to affect other mobile phones manufactured by Transsion, Secure-D. Also Consumers currently experiencing difficulties should download the fix through their phones or contact after sales support, Tecno Mobile added.

Is your Tecno W2 Smartphone compromised? If yes, kindly share your experience in the comments below