An official Alcatel app, available through Google Play Store, has been found to be malware infected.
It’s in a pre-installed weather app on Alcatel smartphones that the malware has been found. ZDNetreports, “A weather app that comes preinstalled on Alcatel smartphones contained malware that surreptitiously subscribed device owners to premium phone numbers behind their backs.”
The infected app is the “Weather Forecast-World Weather Accurate Radar” app, which has been developed by Chinese firm TCL Corporation, which owns the Alcatel, Blackberry and Palm brands. TCL Corporation installs “Weather Forecast-World Weather Accurate Radar” as a default app on Alcatel smartphones. It’s also available, for all Android users, on Google Play Store; reports say that it has been downloaded and installed over 10 million times. It was last year that the app got infected.
The ZDNet report details, “But at one point last year, both the app included on some Alcatel devices and the one that was available on the Play Store were compromised with malware. How the malware was added to the app is unclear. TCL has not responded to phone calls requesting comment made by ZDNet this week.”
The infected was detected by researchers at UK-based mobile security firm Upstream, during July-August 2018, when they found suspicious traffic originating from the Alcatel smartphones belonging to their customers.
A recent report by Upstream reads, “Over July and August 2018, through Secure-D, we observed a higher than usual number of transaction attempts in Brazil and Malaysia coming from a series of Alcatel Android smartphones (Pixi 4 and A3 Max models). Those suspicious requests were initiated by the same application named com.tct.weather in both Brazil & Malaysia.”
It further explains, “This com.tct.weather Android application is pre-installed on many Alcatel devices and is also available for download on Google Play. It provides “accurate forecasts and timely local weather alerts”. It has been downloaded by more than 10,000,000 users from Google Play. Similar transaction attempts coming from Alcatel devices and the application com.tct.weather were also blocked in Nigeria, South Africa, Egypt, Kuwait and Tunisia.”