eBay has banned sales of Star N9500 smartphones after allegations of factory-installed spyware.
Germany security firm G Data reported that the Trojan spyware cannot be removed and sends personal data to a server located in China.
The spyware, which runs in the background and cannot be detected by end-users, can also install additional applications and block security updates. As a result, it can retrieve personal data, intercept calls and online banking data, read emails and text messages, and allow remote control of the camera and microphone.
The online auction site has implemented a global ban as a precautionary measure, but the handset remains on sale on Amazon, which could not be reached for comment, according to the BBC.
The Star N9500 closely resembles the popular Samsung Galaxy S4, but sells for about a third of the cost.
The Associated Press news agency has reported that although several Shenzhen-based firms use eBay and other sites to sell the Star handset, it had been unable to track down the manufacturer. It is unknown if the manufacturer is aware that the spyware is being installed as part of the production process.
In 2012, Microsoft reported that several PC makers in China had been loading malicious software onto their computers. Microsoft’s digital crimes unit stumbled across the malicious software during an investigation into Chinese manufacturers in August 2011.
This and other similar incidents have led security industry representatives to urge suppliers of hardware, software and services to beef up their supply chain security.
Read more on supply chain security
Cisco boss appeals to President to get spooks out of supply chain
UK defence industry to fast-track supply chain security
Supply chain key to comprehensive security, says Cisco
Q&A: Understanding — and surviving — supply-chain security issues
IT manufacturers fight cyber espionage risks in the supply chain
Security Think Tank: IP protection is as weak as the weakest link – fix the supply chain security
Expert says supply chain risk management needs to be on your radar
RSA Europe: Security concerns whole supply chain, says Misha Glenny
Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Related content from ComputerWeekly.com
RELATED CONTENT FROM THE TECHTARGET NETWORK