Even if you’re careful about avoiding sketchy apps, there’s not much you can do if your smartphone has malware built in. That’s actually the case with many smartphones sold in developing markets.
Research from Upstream Systems found that such devices might ship with data-stealing apps pre-installed.
This malware is designed to commit digital ad fraud and will collect users’ data. It will also deplete their mobile data allowance. Or trigger fraudulent charger to their pre-paid credit, without their knowledge.
Upstream’s Secure-D, a platform which protects MNOs and their subscribers against online transaction fraud, has uncovered a number of low-end Android smartphones that come with digital ad fraud malware pre-installed before the user has even turned the phone one for the first time. The products sell in markets like Brazil, Egypt, Myanmar, South Africa and more.
What can you get with low-end phones? Free, pre-installed malware
Upstream identified one such app. It’s called GMobi. According to Upstream’s testing, the GMobi app sent IMEI numbers, MAC addresses, and sometimes location data to servers in Singapore.
Note that it’s impossible to simply uninstall such apps. Unless users perform a rooting procedure that might have the effect of voiding their warranty.
GMobi is a performance-based ad platform that enables content monetization and global user acquisition. According to its website, the app serves over 100 OEMS including Huawei, Xiaomi and BLU and has a 150 million install base.
The Wall Street Journal contacted GMobi’s CEO Paul Wu who denied that his company violates any data collection laws. Yet the research findings paint a whole different story.
Regrettably, the malware is targeting people who are often getting online for the first time via a mobile device. In emerging markets, the cost of data remains expensive, relative to local income levels. So online advertising fraud attempts like those described in the report will directly impact the end consumer.