Today, the Associated Press reported that G Data Software, a German security firm, discovered malicious code built in to the propriety software of a Chinese-made smartphone with dubious manufacturing origins.
The Star N9500 handset was purchased by the firm after it had received numerous customer complaints. A cheap handset available for purchase through online retailers, the possessed smartphone was discovered as having shipped containing spyware that could be used for an alarming set of paranoia-inducing ends. Rogue calls can be made remotely by hackers, personal data can be stolen and the microphone or camera can be turned on without the user’s knowledge.
G Data says that stolen information was transmitted to a server in China.
As we explored last week here at Mobile ID World, your smartphone is quickly becoming an integral part of your identity (if it isn’t already). The mere possibility of having your mobile device of choice infected is enough to keep some people from sleeping, but having malware already inside such an important device: that is simply nightmarish.
According to the Associated Press, a spokesperson for G Data said that his team spent more an a week trying to identify the Star N9500’s maker but turned up unsuccessful.
In terms of what can be learned from this admittedly creepy bit of news, turn to the topic of Bring Your Own Device (BYOD) policy. Bringing mobility to businesses large and small promises an increase in efficiency, but it requires proper policies be in place. Mobile device management software can help protect critical data from the outside, but the spyware built in to the Star N9500 is a reminder that companies should also have a list of authorized smartphone manufacturers whose products can be used for work.