Faizel Patel – 31/08/2020
Deputy Editor of Business Insider Philip de Wet says cheap Android mobile phones pre-installed with Triada are responsible for stolen data from South African mobile users.
According to an investigation by Upstream, a company that offers security services to mobile networks, and BuzzFeed News the Tecno W2 smartphones – which sell for a about R 300 second-hand – were sold already infected by Triada.
De Wet says Triada is so persistent that if a phone is reset to factory settings, the malware will remain on the device.
“What it does is try to subscribe people to premium services. The way that’s its makers steal money is to sign you up to premium services from which they take a cut.”
De Wet says while the criminal subscription attempts in South Africa were unsuccessful, users did lose data.
“That failed because of some of the protections that are in place to stop exactly that kind of thing. However, in the process data was used, each of these attempt taking away a small amount of data and in that fashion, people actually saw their airtime drain away without them having to do anything. They were never fooled to download anything, they didn’t have to click any links, take any action. This just happened invisibly in the background.”
While Transsion, the Chinese company that manufactures the Tecno line of phones, said it knew about the malware more than two years ago, and released an over-the-air update to mitigate it, Upstream unit Secure-D said it had detected attempts to steal airtime by Transsion phones up to at least April 2020, suggesting that unpatched smartphones continued to circulate.
Listen to the interview with Philip de Wet
0 Comments