You may be paying a higher price for that low-cost phone. That doesn’t seem to make any sense but you will understand after reading this article. You see, most affordable devices being made and sold by Chinese OEMs are reportedly gathering data of mobile users. Not that we haven’t heard of this truth but new reports, more often than not, make us feel less safe and secure. If your phone is considered budget-friendly, be warned because it may be collecting your information without you knowing.

An app developed by Taiwanese developer General Mobile Corp. (GMobi) was discovered to be running on Singtech P10 units. The phone model is from China and is currently available in Cambodia and Myanmar. We have no word on how many phones are already in the hands of consumers but they are sending details of owners to the company. The GMobi app is also found to be installed on some phones manufactured in India and China or those sold in Brazil. There was no denying the discovery as GMobi noted that data being collected are only used to show ads.

The idea of targeted ads is something we’ve seen before. Amazon Prime Exclusive phones used to have lockscreen ads but they’ve been removed. We don’t usually care much about those little ads but we know they can be annoying to a fault.

GMobi claims it shares the data harvested with other OEMs. Information is gathered by an app installed on a phone with the permission of the manufacturer. It’s not really a dubious app as it is what allows the company to release software or firmware updates. People are not aware of this. Well, neither do other companies and OEMs.

This is clearly exploitation. In some countries like the United States and the European region, this is considered unlawful. If you may remember, the situation is similar to ADUPS security breach from a years ago. We said before Chinese-made phones were vulnerable to a secret software that tracks behaviors. This was the reason BLU kicked out the spyware from their devices after being kicked out of Amazon. The phones were listed again but some mobile users are now being more careful in their choices.

In India, there’s MoMagic offering the same firmware-updating app that is believed to be collecting people’s details that may help the OEMs and brands.

The discovery was done by mobile commerce and security firm Upstream Systems. The London-based group claimed that the phones are sending data to GMobi. It’s usually activated with a simple firmware update. Some details that may be sent about you or your device include your International Mobile Equipment Identification (IMEI) number, MAC addresses, and other numbers. Data are sent to GMobi’s location servers.

Upstream said it already blocked the said app from further attempts. Meanwhile, GMobi isn’t sharing what companies it has already worked with we know about Xiaomi and Huawei. Interestingly, Huawei denied the partnership.

We believe GMobi and AdUps are only two similar software. There’s probably more gathering and sending out of data unknowingly. GMobi is now considered by malware by scanning services.

VIA: WSJ