Some time ago, the cybersecurity company Dr. Web revealed in a research report that it had detected pre-installed malware on Android smartphones manufactured in China. According to the report, the malware had been bundled into the firmware of over 40 phone models made by various Chinese companies, whereas the malicious code could lead to user data leaks.
The malware that Dr. Web came across in the middle of last year was a Trojan named Android.Triada.231 and the company claimed at that time that it was capable of stealing confidential information like banking data and personal details. This type of Trojan is particularly dangerous as it infects the Zygote component within the Android operating system. Since the Zygote process is used to launch all applications, malware injected into this module can penetrate every running applications and perform various malicious actions.
Earlier this month, however, LEAGOO – one of the companies mentioned in Dr. Web's report – has come out with an official statement regarding the issue. The company claims that the cybersecurity vendor Dr. Web has distributed a "false virus alert". Further on, LEAGOO states it has contacted Dr. Web before the release of the report, only to find out that the malware in question is, in reality, an "APK code intended for advertisements." LEAGOO also assures that soon after that it has updated the operating system of their smartphones, solving this way the supposed virus alert issue.
The company adds that it has not received any complaints or any other indications for data leakages resulting from malware injected into the firmware of their products. According to the company's press release, the latest version of the software installed on new LEAGOO smartphones does not contain the questionable advertisement code either. For devices manufactured previously, it would be sufficient for users to install the latest updates which include the new algorithm.
LEAGOO goes a step further in its attempt to clear its image. It says it plans to sue all media outlets and websites which continue to spread the report by Dr. Web, ignoring the fact that LEAGOO has solved the issue promptly after being notified. The other Chinese smartphones manufacturers mentioned in Dr. Web's report from last year – Umi, Doogee, and Cubot – have not commented on the security alert yet.