Thousands of mobile phones sold in Africa have been found to contain built-in malware that signed users form subscription services without their consent.
Per a report by Daily Trust, the malicious code was found by Anti-fraud firm, Upstream, which discovered the malicious code on 53,000 Tecno handsets sold in Ethiopia, Cameroon, Egypt, Ghana, and South Africa.
According to the manufacturer, Transsion, it was installed in the supply chain without its knowledge.
Upstream stated that the malicious code was taking advantage of “the most vulnerable”.
Geoffrey Cleaves, head of Upstream’s Secure-D platform, said:
“The fact that the malware arrives pre-installed on handsets that are bought in their millions by typically low-income households tells you everything you need to know about what the industry is currently up against.”
The Triada malware found by the firm on the Android smartphones installs malicious code called xHelper which then finds subscription services, submitting fraudulent requests on behalf of users without their knowledge.
If the request is successful, it consumes pre-paid airtime which is the only way to pay for digital services in many developing countries.
