Chinese phone comes preloaded with spyware

This photo made available by G Data Software dated June 16, 2014 shows G Data Software spokesman, Thorsten Urbanski, holding a Chinese-made Star N9500 smartphone. G Data says it found malicious code hidden deep in the propriety software of the Star N9500 when it ordered the handset from a Web site late last month. The find is the latest in a series of incidents where smartphones have appeared on customers' doorsteps preloaded with malicious software.
This photo made available by G Data Software dated June 16, 2014 shows G Data Software spokesman, Thorsten Urbanski, holding a Chinese-made Star N9500 smartphone. G Data says it found malicious code hidden deep in the propriety software of the Star N9500 when it ordered the handset from a Web site late last month. The find is the latest in a series of incidents where smartphones have appeared on customers' doorsteps preloaded with malicious software.

BERLIN (AP) - A cheap brand of Chinese-made smartphones carried by major online retailers comes preinstalled with espionage software, a German security firm said Tuesday.

G Data Software said it found malicious code hidden deep in the propriety software of the Star N9500 when it ordered the handset from a website late last month. The find is the latest in a series of incidents where smartphones have appeared preloaded with malicious software.

G Data spokesman Thorsten Urbanski said his firm bought the phone after getting complaints about it from several customers. He said his team spent more than a week trying to trace the handset's maker without success.

"The manufacturer is not mentioned," he said. "Not in the phone, not in the documentation, nothing else."

The Associated Press found the phone for sale on several major retail websites, offered by an array of companies listed in Shenzhen, in southern China. It could not immediately find a reference to the phone's manufacturer.

G Data said the spyware it found on the N9500 could allow a hacker to steal personal data, place rogue calls, or turn on the phone's camera and microphone. G Data said the stolen information was sent to a server in China.

Bjoern Rupp, chief executive of the Berlin-based mobile security consultancy firm GSMK, said such cases are more common than people think. Last fall, German cellphone service provider E-Plus found malicious software on some handsets delivered to customers of its Base brand.

"We have to assume that such incidents will increasingly occur, for different commercial and other reasons," said Rupp.