Ntaghacha
JF-Expert Member
- Jul 28, 2020
- 1,412
- 4,120
Programu (Malware) ambazo zinawasajili watumiaji bila ruhusa yao zimepatikana kwenye maelfu ya simu zinazouzwa Afrika. Simu 53,000 za Tecno zenye virusi zimeuzwa Ethiopia, Cameroon, Misri, Ghana na South Afrika.
Transsion ambae ni mzalishaji wa simu aina ya Tecno inayoongoza kwa mauzo barani Afrika amesema vimewekwa(installed) kwenye mzunguko wa mauzo bila ufahamu wake.
Programu ya Triada inayopatikana kwenye simu hizo inaingiza programu ya xHelper ambapo inatafuta na kusajili huduma kwa niaba ya mtumiaji kwa kificho bila ufahamu wake.
Kama maombi ya kusajili huduma yakifanikiwa, gharama zinakatwa kwenye salio la simu ambayo ni njia pekee ya kulipia huduma katika nchi nyingi za Afrika.
Kwa ujumla kampuni ya Upstream imepata vitendo ambavyo vinatiliwa shaka kwenye zaidi ya simu 200,000 aina ya Tecno. Kulingana na utafiti wa IDC, Kampuni ya Trassion ni miongoni mwa kampuni za kichina zinazoongoza kwa uzalishaji simu na inaongoza kwa mauzo ya simu barani Afrika.
Katika majibu yake, tecno imesema ni tatizo la zamani na tatizo hilo la ulinzi limesuluhishwa kidunia na kutoa suluhisho Machi 2018 na kwa sasa watumiaji wa W2 ndio wanaweza kukabiliana na Tatizo la Triada. Tecno wanapendekeza wapakue suluhisho la 'over the air'
========
Malware which signed users up to subscription services without their permission has been found on thousands of mobiles sold in Africa.
Anti-fraud firm Upstream found the malicious code on 53,000 Tecno handsets, sold in Ethiopia, Cameroon, Egypt, Ghana and South Africa.
Manufacturer Transsion told Buzzfeed it was installed in the supply chain without its knowledge.
Upstream said it was taking advantage of the "most vulnerable".
"The fact that the malware arrives pre-installed on handsets that are bought in their millions by typically low-income households tells you everything you need to know about what the industry is currently up against," said Geoffrey Cleaves, head of Upstream's Secure-D platform.
The Triada malware found by the firm on the Android smartphones installs malicious code known as xHelper which then finds subscription services and submits fraudulent requests on behalf of users, doing so invisibly and without the user's knowledge.
If the request is successful, it consumes pre-paid airtime, the only way to pay for digital services in many developing countries.
In total, Upstream found what it described as "suspicious activity" on more than 200,000 Tecno smartphones.
According to research firm IDC, Transsion Holdings is one of China's leading phone manufacturers and in Africa it is the top-selling mobile manufacturer.
In response Tecno Mobile said that the issue was "an old and solved mobile security issue globally" to which it issued a fix in March 2018.
"For current W2 consumers that are potentially facing Triada issues now, they are highly recommended to download the over-the-air fix through their phone for installation or contact Tecno's after-sales service support for assistance in any questions," the firm told the BBC in a statement.
It added that it is attached "great importance to consumers' data security and product safety".
"Every single software installed on each device runs through a series of rigorous security checks, such as our own security scan platform," it added.
Common problem
At the beginning of the year, security firm Malwarebytes warned that similar pre-installed apps were found on another Chinese Android phone - the UMX U686CL. This handset was offered to low-income families in the US via a government scheme.
And in 2016, researcher Ryan Johnson found that more than 700 million Android smartphones had malware installed.
Google, which developed the Android operating system, is aware of the issue.
In a blog written last year it blamed third-party vendors, used by manufacturers to install features such as face unlock, for pre-installing Triada malware.
It said it had worked with manufacturers to remove the threat from devices.
SOURCE: BBC
Transsion ambae ni mzalishaji wa simu aina ya Tecno inayoongoza kwa mauzo barani Afrika amesema vimewekwa(installed) kwenye mzunguko wa mauzo bila ufahamu wake.
Programu ya Triada inayopatikana kwenye simu hizo inaingiza programu ya xHelper ambapo inatafuta na kusajili huduma kwa niaba ya mtumiaji kwa kificho bila ufahamu wake.
Kama maombi ya kusajili huduma yakifanikiwa, gharama zinakatwa kwenye salio la simu ambayo ni njia pekee ya kulipia huduma katika nchi nyingi za Afrika.
Kwa ujumla kampuni ya Upstream imepata vitendo ambavyo vinatiliwa shaka kwenye zaidi ya simu 200,000 aina ya Tecno. Kulingana na utafiti wa IDC, Kampuni ya Trassion ni miongoni mwa kampuni za kichina zinazoongoza kwa uzalishaji simu na inaongoza kwa mauzo ya simu barani Afrika.
Katika majibu yake, tecno imesema ni tatizo la zamani na tatizo hilo la ulinzi limesuluhishwa kidunia na kutoa suluhisho Machi 2018 na kwa sasa watumiaji wa W2 ndio wanaweza kukabiliana na Tatizo la Triada. Tecno wanapendekeza wapakue suluhisho la 'over the air'
========
Malware which signed users up to subscription services without their permission has been found on thousands of mobiles sold in Africa.
Anti-fraud firm Upstream found the malicious code on 53,000 Tecno handsets, sold in Ethiopia, Cameroon, Egypt, Ghana and South Africa.
Manufacturer Transsion told Buzzfeed it was installed in the supply chain without its knowledge.
Upstream said it was taking advantage of the "most vulnerable".
"The fact that the malware arrives pre-installed on handsets that are bought in their millions by typically low-income households tells you everything you need to know about what the industry is currently up against," said Geoffrey Cleaves, head of Upstream's Secure-D platform.
The Triada malware found by the firm on the Android smartphones installs malicious code known as xHelper which then finds subscription services and submits fraudulent requests on behalf of users, doing so invisibly and without the user's knowledge.
If the request is successful, it consumes pre-paid airtime, the only way to pay for digital services in many developing countries.
In total, Upstream found what it described as "suspicious activity" on more than 200,000 Tecno smartphones.
According to research firm IDC, Transsion Holdings is one of China's leading phone manufacturers and in Africa it is the top-selling mobile manufacturer.
In response Tecno Mobile said that the issue was "an old and solved mobile security issue globally" to which it issued a fix in March 2018.
"For current W2 consumers that are potentially facing Triada issues now, they are highly recommended to download the over-the-air fix through their phone for installation or contact Tecno's after-sales service support for assistance in any questions," the firm told the BBC in a statement.
It added that it is attached "great importance to consumers' data security and product safety".
"Every single software installed on each device runs through a series of rigorous security checks, such as our own security scan platform," it added.
Common problem
At the beginning of the year, security firm Malwarebytes warned that similar pre-installed apps were found on another Chinese Android phone - the UMX U686CL. This handset was offered to low-income families in the US via a government scheme.
And in 2016, researcher Ryan Johnson found that more than 700 million Android smartphones had malware installed.
Google, which developed the Android operating system, is aware of the issue.
In a blog written last year it blamed third-party vendors, used by manufacturers to install features such as face unlock, for pre-installing Triada malware.
It said it had worked with manufacturers to remove the threat from devices.
SOURCE: BBC
