Highlights:

  • Tecno phones (a Chinese phone brand)attacked with xHelper and Triada malware
  • xHelper malware is challenging to get rid of and often the malware would reinstall even post factory reset by the user
  • Triada, also known to be an older malware, has the quality of being able to modify the core process in the Android OS

Mobile security service, Secure-D has discovered a pair of pre-installed malware on Tecno phones, a Chinese smartphone brand, which is a subsidiary of Transsion Holdings.

Details about malware

Dubbed as xHelper and Triada, the two malware discreetly downloaded apps and subscribed users to paid services without permission or approval. Additionally, Secure-D solutions, the mobile security services provider, has blocked 844,000 transactions initiated by pre-installed malware on a range of Transsion mobile phone devices in a span of 10 months, between March to December 2019.

Techno, in a statement, said, “We have always attached great importance to consumers’ data security and products safety. Every single software installed on each device runs through a series of rigorous security checks, such as our own security scan platform, Google Play Protect, GMS BTS and VirusTotal test. In addition, a 90-day security patch update is periodically delivered to consumers to ensure that the security of our products and protection of consumers’ devices from malware infection aren’t compromised.”

Further, Tecno mentioned that the xHelper mobile security glitch primarily came into notice in 2019. The company has deployed a bunch of professional security tools viz., GMS BTS and VirusTotal to identify the xHelper issue since November.

Due to a protocol of going through a test followed for all new products and software and maintenance releases for the older version, it has been able to report no new xHelper since then.

Details about Triada

On the Triada issue, the mobile company mentioned that after a thorough investigation, it was brought to notice that Triada was an old issue and a mobile security concern that already had a resolution globally.

The resolution to the W2 Triada issue was released to all the Tecno customers on March 20, 2018. By April 30, 2018, the company issued official OTA resolutions tailored for various versions of the W2 devices. The company released these products assuring that the issue was resolved once customers gave a thumbs up to the system update by installing the security patch/fix.

Gravity of the issue

xHelper plays tough as the malware is difficult to get rid of, and in several cases, it could reinstall even after users have pressed factory reset. Triada, on the other hand, is an older malware, and once installed, it has the capacity to modify the core process in an Android OS that is used as a template for every application, and makes it even more problematic as it gives access to every app on the phone.