LEAGOO defend their honor against the “virus alert” news


In July 2017, DR.WEB, an anti-virus vendor from Russia, claimed to have found “virus alert” on a number of Android smartphones and identified the virus as “Android.Triada.231”. On March 1, 2018, DR.WEB released another article, listing more than 40 “low-end” Android smartphones that have been infected with Android.Triada.231. Among them are brands such as Haier, TECNO, LEAGOO and others.

Some news media immediately followed suit and forwarded the above article, and some even exaggerated “Android.Triada.231” as a “bank malware”. However, according to Mr. Zhu, the senior software engineer from LEAGOO, the “virus alert” is actually caused by advertising risk in the notification push module of the OS.

In fact, for many smartphone brands, it has become an unspoken rules to quietly collect user data in order to enhance advertising performance. Smartphone manufacturers such as Samsung, Huawei and even Apple often receive privacy complaints which prompt widespread concerns about user data leakage, including IMEI device identification Code, MAC address, IMSI subscriber ID, serial number and so on.

Gizchina News of the week

As annoying as they may be, advertising risks are very common among modern smartphones. But they are apparently not “bank malware” as reported by some news media. For online banking security, so far no baking fraud is merely caused by data collection or ad push. Among all the frauds, most of them start from when a user clicks a strange SMS link or download a disguised malware, resulting in mobile phone’s malfunction.

According to LEAGOO software team, after receiving the “virus alert” report last July, LEAGOO contacted DR.WEB and found that it was a fake virus alert. Soon after that, LEAGOO updated their OS and solved the issue rapidly. So far, LEAGOO did not receive any complaint or critics regarding personal data leakage or banking security issues caused by the above “virus alert.

Interestingly enough, some anti-virus companies boasting virus protections allegedly often take advantage of virus threats as a bargain chip to intimidate smartphone manufacturers or users to purchase their anti-virus service. When manufacturers refuse to cooperate, they will find a way to “persuade”. You can read the full LEAGOO’s statement about the virus claims in this link.

Previous Xiaomi Smartmi Small Smart Toilet Seat Announced at 1199 Yuan
Next Koolnee planning to release a polychromatic phone


  1. Guest
    March 10, 2018

    Well Leagoo smartphones are crap because they refuse to update all their phones worldwide that still suffer from the KRACK Wi-Fi attack. What’s the point of purchasing a new smartphone if companies refuse to update their phone from such attacks.

    • Guest
      March 10, 2018

      I’m also really starting to consider not visiting Gizchina anymore if they release articles like this. An obvious malware inside a device like this should not be defended.

  2. Guest
    March 10, 2018

    This article reads like a PR piece straight from the manufacturer. Leagoo not only created programs that mimic’d system apps like Google Chrome and Settings and made them unremovable, but they created apps that send and receive encrypted data from a third party server.

    Assuming the antivirus found this then I’d say it was successful, why would I want unremovable system apps to have a backdoor to send and receive data? Simple solution, if you dont want your brand tarnished dont put backdoors in your phones, and thank you to this antivirus for making this list public to dissuade other companies.

  3. Guest
    April 17, 2018

    never buy leagoo
    i have 5 m5 and both virus affected by farm.
    it’s a shame