In July 2017, DR.WEB, an anti-virus vendor from Russia, claimed to have found “virus alerts” on a number of Android smartphones and identified the virus as “Android.Triada.231”. Last week, the same company released another article listing more than 40 “low-end” Android smartphones that have been infected with the virus. Among them are brands such as Haier, TECNO, Leagoo, etc.
Some news media immediately followed suit and spread out the above article, and some even exaggerated, presenting “Android.Triada.231” as a “bank malware”. However, according to Mr. Zhu, the senior software engineer from Leagoo, the “virus alert” is actually caused by advertising risk in the notification push module of the OS.
In fact, for many smartphone brands, it has become an unspoken rule to quietly collect user data in order to enhance advertising performance. Smartphone manufacturers such as Samsung, Huawei and even Apple often receive privacy complaints which prompt widespread concerns about user data leakage, including IMEI device identification Code, MAC address, IMSI subscriber ID, serial number and so on.
As annoying as they may be, advertising risks are very common among modern smartphones. But they are apparently not “bank malware” as reported by some news media. For online banking security, so far no baking fraud is merely caused by data collection or ad push. Among all the frauds, most of them start from when a user clicks a strange SMS link or download a disguised malware, resulting in mobile phone malfunction.
According to Leagoo’s software team, after receiving the “virus alert” report last July, the company contacted DR.WEB and found that it was a fake virus alert. Soon after that, Leagoo updated their OS and solved the issue rapidly. So far, Leagoo hasn’t received any complaint or critics regarding personal data leakage or banking security issues caused by the above “alert”.
Interestingly, some anti-virus companies boasting virus protections often take advantage of virus threats as a bargaining chip to intimidate smartphone manufacturers or users to purchase their anti-virus service. When manufacturers refuse to cooperate, they will find a way to “persuade” them. So the next time an antivirus vendor claims virus threats, users should be clear-minded to the real intentions behind the scene. You can read Leagoo’s official announcement here.