Software that eats up mobile data and registers people for unwanted subscriptions has been found pre-installed on thousands of low-cost Chinese smartphones in Africa more than two years after it was first detected.
The Triada malware signs mobile users up to subscription services without their permission and has been discovered on Tecno W2 smartphones in countries such as Ethiopia, Ghana, Cameroon and South Africa, according to a report published this week in partnership with BuzzFeed.
China’s Transsion Holdings manufactures the Android devices, which dominate Africa’s smartphone market with a 41% share, according to market research firm IDC. Shenzhen-based Transsion, which listed on China’s version of the Nasdaq last year, has ignored its home market to focus almost exclusively on the continent. It sells more affordable handsets than rivals such as Samsung (SSNLF) and Apple (AAPL) under the brand Tecno Mobile.
In a statement to CNN Business, Tecno Mobile said the problem “was an old and solved mobile security issue globally” for which it issued a fix in March 2018. Consumers currently experiencing difficulties should download the fix through their phones or contact after sales support, it added.
Transsion blamed an “unidentified vendor in the supply chain process,” according to BuzzFeed.
Triada malware installs a piece of code known as xHelper onto compromised devices, automatically subscribing users without their knowledge to services that consume pre-paid airtime — the only way to pay for digital products in many developing countries.
“The xHelper trojan persists across reboots, app removals and even factory resets, making it extremely difficult to deal with even for experienced professionals, let alone the average mobile user,” Secure-D, which is owned by mobile technology company Upstream, said in a statement.
