Tecno Shipping Phones With ‘Click Ad Fraud’ Malware


An investigation by an anti-fraud firm Secure- D, owned by UpStream, has revealed that Africa’s largest phone manufacturer, Tecno is shipping phones into the continent with “Click Ad Fraud” malware that is pre-installed into Tecno handsets.

According to Secure – D, malicious code known as xHelper/Triada comes pre-installed in Tecno phones with code that is said to find subscription based services in the phones and then submits fraudulent requests on behalf of the users without their knowledge and in the process robbing them of their money by taking pre-paid airtime.

The malware also downloads subscription-based apps and then users are signed up for the services without their consent. It is reported that the transaction requests might be coming from a family of applications called com.mufc as its source in the phones remains unknown and cannot be downloaded from Android app store.

Over 19.2 million suspicious transactions were discovered from over 200,000 Tecno devices that were used in the investigation that started in March 2019 and ended in August 2020. Phones from Ethiopia, Cameroon, Egypt, Ghana and South Africa and 14 other countries were reviewed for malicious code.