In July 2017, DR.WEB, an anti-virus vendor from Russia, claimed to have found “virus alert” on a number of Android smartphones and identified the virus as “Android.Triada.231”. On March 1, 2018, DR.WEB released another article, listing more than 40 “low-end” Android smartphones that have been infected with Android.Triada.231. Among them are brands such as Haier, TECNO, LEAGOO and others.
Some news media immediately followed suit and forwarded the above article, and some even exaggerated “Android.Triada.231” as a “bank malware”. However, according to Mr. Zhu, the senior software engineer from LEAGOO, the “virus alert” is actually caused by advertising risk in the notification push module of the OS.
In fact, for many smartphone brands, it has become an unspoken rules to quietly collect user data in order to enhance advertising performance. Smartphone manufacturers such as Samsung, Huawei and even Apple often receive privacy complaints which prompt widespread concerns about user data leakage, including IMEI device identification Code, MAC address, IMSI subscriber ID, serial number and so on.
As annoying as they may be, advertising risks are very common among modern smartphones. But they are apparently not “bank malware” as reported by some news media. For online banking security, so far no baking fraud is merely caused by data collection or ad push. Among all the frauds, most of them start from when a user clicks a strange SMS link or download a disguised malware, resulting in mobile phone’s malfunction.
According to LEAGOO software team, after receiving the “virus alert” report last July, LEAGOO contacted DR.WEB and found that it was a fake virus alert. Soon after that, LEAGOO updated their OS and solved the issue rapidly. So far, LEAGOO did not receive any complaint or critics regarding personal data leakage or banking security issues caused by the above “virus alert.
Interestingly enough, some anti-virus companies boasting virus protections allegedly often take advantage of virus threats as a bargain chip to intimidate smartphone manufacturers or users to purchase their anti-virus service. When manufacturers refuse to cooperate, they will find a way to “persuade”. You can read the full LEAGOO’s statement about the virus claims in this link.