Vodacom strikes key deals as it repositions pan-Africa operations

Vodacom's new
take on Africa

Operations in key
markets repositioned.

Tuesday, Jun 25th

Upstream’s Security Platform, Secure-D, Unveils Alcatel Smartphones Sold with a Suspicious App From TCL, Also Available on Google Play

Upstream’s security platform, Secure-D, unveils Alcatel smartphones sold with a suspicious app from TCL (Photo: Business Wire)Upstream has unveiled that Alcatel smartphones are sold with a suspicious pre-installed weather forecast app, also available on Google Play.

Jan. 10, 2019 10:29 UTC - London--(BUSINESS WIRE)-- Upstream, the technology company leading the mobile internet revolution in high growth markets, has unveiled that Alcatel smartphones are sold with a suspicious pre-installed weather forecast app, also available on Google Play.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20190110005255/en/

Upstream’s security platform, Secure-D, detected suspicious activity initiated by an Android application named “Weather Forecast – World Weather Accurate Radar” in Brazil and Malaysia. This application was later found pre-installed on Pixi 4 and A3 Max devices from Alcatel, a brand owned by Nokia. The devices are manufactured under licence by Chinese electronics company TCL Corporation, a manufacturer of Alcatel and Blackberry branded mobile phones.

The application, which has since been removed, was also available on Google Play, with more than 10 million downloads, including those in the UK, USA and France. It claimed to provide “accurate forecasts and timely local weather alerts”. Despite user complaints, which were seemingly pushed down the ‘ratings and reviews’ section, the app had a 4.4 star rating.

When infected devices were tested by Secure-D, the app was found to collect and transfer users’ personal information to servers in China, including the user’s device ID, their email and location. Furthermore, it was found to behave like a typical malicious app, which attempts ad fraud, by loading pages with ads and clicking on them, as well as trigger subscriptions to premium services without user consent.

This activity, invisible to the users, was consuming up to 250MB of their data daily, which had a particularly adverse impact on consumers in emerging markets, where the cost of data is extremely high – for example, in Brazil 1GB costs the equivalent of 6h of work on minimum wage (vs. 30 min in Germany).

Guy Krief, CEO of Upstream commented: “The combined growth of smartphone penetration and mobile advertising is providing the ideal set-up to perpetrate ad fraud, mainly with mobile malware. This year only, an estimated $19 billion will be stolen through ad fraud, which can become payment fraud in emerging markets, affecting not only brands but also consumers’ wallet and privacy.”

Secure-D has detected and blocked over 3 million fraudulent transaction attempts generated by the “Weather Forecast – World Weather Accurate Radar” app across 7 markets. Had they not been blocked, these transactions would have translated into $1.5m fraudulent charges to users’ airtime in Brazil, Malaysia, Nigeria, South Africa, Egypt, Kuwait and Tunisia.

The application ranked among the top 5 weather apps in 30 countries, including the US, UK and France. It was the sixth most popular weather app in the UK and Canada, and ranked among the 20 most popular weather apps in the U.S in 2017.

For the full report on the investigation please click here.

Upstream has worked with The Wall Street Journal to bring this story to light. You can read their write-up here.

View source version on businesswire.com: https://www.businesswire.com/news/home/20190110005255/en/

Contacts

Alexi Foster
Diffusion PR NY
E: This e-mail address is being protected from spambots. You need JavaScript enabled to view it.
P: 646-571-0120

Lucy Westman
Diffusion PR UK
E: This e-mail address is being protected from spambots. You need JavaScript enabled to view it.
P: 0207-291-0230

ALSO ON ITWEB AFRICA

Kenyan consortium launches mobile banking app Published on 22 May 2019

Mobile loan product Stawi introduced, backed by Central Bank of Kenya.

MTN Nigeria server hit by suspected cyber criminals Published on 18 June 2019

MTN has reportedly lost R28m in in just under two hours when suspected cyber criminals attacked its server on Saturday.

NEC XON's biometrics demonstrations draw ministerial interest at ID4Africa Published on 24 June 2019

NEC's Bio-IDiom multimodal biometrics suite recently drew the interest of South Africa's Minister of Home Affairs at ID4Africa.