Categories: Gadgets & Apps

Tecno smartphone reportedly comes with malware preinstalled


Low-cost smartphones are products we have covered a number of times. They are one of the tools that lower the bar to entry for people to have access to internet services. Well, it seems like one of those smartphones was a vessel for malware. Findings reported by Secure D Upstream’s full-stack anti-fraud platform revealed that a model made by Transsion had malware preinstalled.

The model identified by Secure D is the Tecno W2, and the malware it contains is called Triada. This software acts as a backdoor and malware downloader. Triada installed a trojan, which is a program or code that is designed to look normal, called “xHelper“. When the malware is exposed to the right conditions, which could be a particular phone network. xHelper components would then make requests to find new subscription targets and submit requests on behalf of the owner of the phone without their knowledge.

Secure D caught and blocked a large number of transactions coming from Ethiopia, Cameroon, Egypt, Ghana, South Africa and 14 other countries. According to Secure D, there have been a total of 19.2 million suspicious transactions.


An added problem is that the xHelper trojan appears across reboots, app removals and even factory resets. This makes this malware particularly difficult to get rid of. According to Secure D, had these transactions been successful they would have spent users’ prepaid airtime.

“This particular threat takes advantage of those most vulnerable. The fact that the malware arrives pre-installed on handsets that are bought in their millions by typically low-income households tells you everything you need to know about what the industry is currently up against.”

Geoffrey Cleaves, Head of Secure-D at Upstream

Google, the supplier of the Android OS in the Tecno W2 said that the presence is Triada malware was probably down to an actor somewhere within the supply chain.

Secure D concluded by saying that there were no signs of the Triada Malware found affecting other phone models created by Transsion (Itel, Infinix, or Tecno models outside of the W2).

Quick NetOne, Telecel, Africom, And Econet Airtime Recharge

If anything goes wrong, chat with us using the chat feature at the bottom right of this screen

Leave a Reply

Your email address will not be published.

Published by
Valentine Muhamba

Recent Posts

Why you should consider starting your own podcast & what you’ll need to get the ball rolling

Podcasts are among my favourite forms of entertainment. They often fill in the gaps when…

October 30, 2020

SABC wants Netflix users to pay a TV licence because regulation is outdated

When we wrote about SABC's upcoming streaming service we touched on the fact that SABC…

October 30, 2020

Poor service delivery highlighted by SIVIO Institute local governance tracker

A couple of years ago SIVIO Institute launched ZimCitizensWatch which is a tool that tracks…

October 30, 2020

This Zim company is using blockchain tech to prevent use of fake vaccination certificates

At the main bus terminus in Harare, Zimbabwe’s capital, travellers heading to neighbouring Zambia can…

October 30, 2020

Meet Sika, the app to dial a barber or hairdresser from your home

Alistair Holmes spent a few months at home during that lockdown that left everyone who…

October 30, 2020

Upgrading to Android 11 will break your favourite apps

Google engineers are sometimes like your mother cleaning your room unsolicited. You swear you left…

October 30, 2020