TAKING A BREAK from its main job of pumping out cheap and cheerless smartphones for Alcatel and keeping BlackBerry-branded phones on life support, TCL Communications has been caught collecting user data for mysterious Chinese servers, according to security firm Upstream Systems.
The company's Android app - ‘Weather Forecast - World Weather Accurate Radar', or WFWWAR as literally nobody calls it - has been downloaded more than 10 million times from the Google Play store. Upstream Systems found that the app has been collecting users' location, email address and IMEI number, and uploading the info to servers in China.
As if that wasn't creepy enough, to add insult to injury, the app has also allegedly been trying to subscribe Alcatel users in Brazil, Malaysia and Nigeria to paid VR services, while slyly loading pages - some of the mucky variety - to generate fake ad clicks.
Indeed, it's this that tipped off Upstream Systems to investigate. "Over July and August 2018, through Secure-D, we observed a higher than usual number of fraudulent transaction attempts in Brazil and Malaysia coming from a series of Alcatel Android smartphones (Pixi 4 and A3 Max models)," the researchers write. "Those fraudulent requests were initiated by the same application named com.tct.weather in both Brazil & Malaysia.
"Overall, whether pre-installed on Alcatel devices or downloaded from Google's official Play Store, the application com.tct.weather has generated over 27m fraudulent transaction attempts across 7 markets. Had they not been blocked by Secure-D these transactions would have translated into $1.5m fraudulent charges to users' airtime."
A smattering of Google Play reviews captured by the company showed that the app wasn't exactly subtle about the fact it was up to something, with it hogging both mobile data and draining battery life. "Used half a gig of my mobile data without reason, unable to uninstall app," read one review.
Upstream Systems says that the app is no longer trying to subscribe users to third-party services, but it is still freely harvesting user data.
This isn't the first time TCL has been caught in hot water its apps. Early last year, Alcatel users reported that their core apps were being replaced by ad-supported versions as part of ‘security updates' delivered over the air. µ
Rare protest is blocked at the source (code)
Galaxy Fold... more like Galaxy F***ed
And the nostril-facing webcam has been replaced
No port in a publicity storm