VietNamNet Bridge – Low cost smart phone users have been warned that they are facing high risks. They may have data stolen, information exposed or lose money in accounts.

A report showed that there are some 30 million smart phones in Vietnam out of the total 130 million mobile phone subscribers. Of these, 80-90 percent are low cost smart phones, that use Android 2.x operation system. Low cost smart phones are understood as the products valued at some VND2 million or lower.

Making use of the high number of vulnerable low cost smart phone users and the security hole on Android 2.x, a lot of institutions and individuals have created the software pieces which can send messages automatically to “pick users’ pockets.”

In general, the software pieces are disguised under the mask of free games so as to easily to persuade users to install them.

Long, a network administration operator in district 7 in HCM City, said that he once intended to download 1-CLICK CLEANER, an app introduced as helping “clean the system” to his phone, because he thought that the big volume of data stored in the phone made it run slowly.

During the installation, Long discovered that the software required to have the right to edit his messages, read messages, directory and list of calls.

“This is quite strange. A software piece to clean the system won’t need the rights,” he said.

Hang in Go Vap district in HCM City, said she had never met any trouble with her Android-based smart phone until one day, when she installed a game.

After that day, Hang saw a lot of strange things with her phone. She found out that she lost money in the account, though she did not make calls or send messages.

When Hang asked for the help from the mobile network operator, she was told that there were some messages from her phone to the subscribers overseas. Hang then decided to reset the phone and not to install any apps.

Huynh Duy in Binh Chanh district has recently discovered that sometimes VND20,000-40,000 were deducted from his account even though he did not make calls or send messages.

When he made a complaint to the call center, he was told that his smart phone automatically sent messages to many domestic and foreign numbers. Especially, his smart phone sometimes made 3G connections.

Experts said that the developer of “Permission” has every reason to design the feature. “Permission” helps users discover the latent risks. However, most users ignore “Permission” when installing software, and simply press “install.” This is a big hole for malicious apps to penetrate and pick users’ pockets.

According to Athena, an Internet security center, the low cost smart phone series running on Android 2.3.3 or older products now have an error with “Clientlogin.” Hackers can make the corrupt use of Clientlogin hole to change the users’ directory and private images.

A research work of the HCM City Information Technology University’s team has found that hackers can find the positions of phone users, turn on phones’ microphone and record sounds and images, and then send files to targeted emails.

Dr. Nguyen Anh Tuan from the school has recommended users not to install software from unreliable sources. He has also advised buyers to reset newly bought phones to clear the installed malware.

NLD