Several Cheap Android Phones Come Preinstalled With Trojan Viruses

Several Cheap Android Phones Come Preinstalled With Trojan Viruses
Photo by bykst (Pixabay)

Cheap Android phones might not be as economical as you thought, as new types of preloaded malware are regularly being discovered on these smartphones. There were two such findings just last month, and now Doctor Web, a security firm, has discovered a couple of Trojan viruses in some more cheap smartphones, according to Ars Technica.

Two Lenovo phones also had similar viruses

According to Doctor Web, dozens of inexpensive Android phones come preinstalled with applications that surreptitiously download and install adware and other unwanted programs. Researchers from Doctor Web described such apps as downloader Trojans that can download not only benign unwanted apps but also malicious ones.

One such app is H5GameCenter, which shows advertisements on top of running apps. The picture cannot be removed, and infected users report that Android.DownLoader.473.origin quickly downloads and installs it again when they uninstall the application. Android.Sprovider.7 is another pre-installed downloader detected by researchers at Doctor Web, notes Ars Technica.

Jim Chanos Unveils Lastest Short As Fund Manager Bets On Further Market Declines

Data 1639507577Jim Chanos has a new short target in his sights. Earlier this week, the hedge fund manager disclosed that he is betting against "legacy" data centers that face growing competition from the trio of technology giants, which have previously been their biggest customers. The fund manager, who is best known for his winning bet against Read More

According to the researchers, about 26 Android smartphones from several manufacturers were preloaded with the Android.DownLoader.473.origin Trojan virus. Two smartphones made by Lenovo were found to contain the Android.Sprovider.7 virus.

Both malware variants are capable of displaying notifications and ads and can download apps as well from unknown sources. It may not be possible for a regular user to get rid of it since it is embedded in the firmware. Many of these infected devices are powered by MediaTek chipsets, which are quite common in low-cost phones.

Beware of these Android phones

According to the security researchers, cyber-criminals generate their income by raising application download statistics and distributing advertising software.

“Therefore, Android.DownLoader.473.origin and Android.Sprovider.7 were incorporated into Android firmware because dishonest outsources who took part in creation of Android system images decided to make money on users,” the researchers nstated.

Also the researchers published a list of devices carrying such Trojans: MegaFon Login 4 LTE, Irbis TX97, Irbis TZ43, Bravis NB85, Bravis NB105, Irbis TZ85, SUPRA M729G, SUPRA V2N10, Pixus Touch 7.85 3G, Itell K3300, General Satellite GS700, SUPRA M72KG, Prestigio MultiPad Wize 3021 3G, Prestigio MultiPad PMT5001 3G, Optima 10.1 3G TT1040MG, Marshal ME-711, 7 MID, Digma Plane 9.7 3G, Nomi C07000, Explay Imperium 8, Perfeo 9032_3G, Ritmix RMD-1121, Oysters T72HM 3G, Irbis tz70, Irbis tz56, and Jeka JK103.

Since these devices are mostly sourced from China-based OEMs and rebranded for local sales, there could be more affected smartphones or variants of them, says Neowin. In light of these recent discoveries, it would be better to choose a reputed smartphone brand instead of an unknown brand the next time you buy an inexpensive Android phone.

Updated on

Aman is MBA (Finance) with an experience on both Marketing and Finance side. He has worked as a Risk Analyst for AIR Worldwide, and is currently leading VeRa FinServ, a Financial Research firm. Favorite pastimes include watching science fiction movies, reviewing tech gadgets, playing PC games and cricket. - Email him at
Previous article North America-Focused Hedge Funds Post Strong Returns In November
Next article How A Pixar CFO Learned To Love The Creative Process

No posts to display