02/09/2021
Users often refer to push-button phones as much safer devices than smartphones. However, cell phones come with closed software and offer an extremely modest set of features and interfaces, so it is harder to infect them with a virus. However, the author with the nickname ValdikSS from "Habra" conducted a study in which he found that "dialers" often come with pre-installed malware. The researcher decided to test the five most different mobile phones. Devices from different manufacturers and based on different platforms. All tested phones are available on the Russian market. These are Inoi 101 based on the RDA826 chipset, costing 600 rubles, DEXP SD2810 with the SC6531E chip, costing 699 rubles, Itel it2160 based on MT6261, which can be purchased at Russian retail for 799 rubles, Irbis SF63 with the SC6531DA chipset, which is offered for 750 rubles, and F + Flip 3 on the same chipset, the price of which reaches 1499 rubles. As it turned out, only one of the devices was not preinstalled with malicious software.The researcher tested all the devices he purchased with the help of professional equipment and specialized software. Funny, but the most affordable phone turned out to be "clean". Inoi 101 does not contain malicious functions and does not cause the owner trouble in the form of sending paid messages.The situation is much worse with the other tested phones. Itel it2160 announces its online sales without notifying the user. The phone transmits data such as IMEI, country where the phone is activated, device model, firmware version, language used, activation time and base station ID. In turn, F + Flip 3 is not able to connect to the Internet, but it notifies of the fact of sale via SMS, sending IMEI and IMSI. DEXP SD2810 is especially dangerous for users. Although the device does not contain a browser, but connects to the Internet via GPRS, without warning about the sale. The phone transmits IMEI and IMSI, sends paid SMS to short numbers and executes the commands of the dubious server received in response to these SMS. And all this right out of the box! The modest-looking Irbis SF63 also boasts a similar set of malicious features. The phone reports the sale via the Internet, transmits the encrypted data to the questionable server and executes the commands received from it. There are cases when "callers" stole a phone number to register accounts on social networks.The researcher states that the brands under which the phones are sold are to blame in the current situation. They often order software and hardware development from OEMs. Those, in turn, are ready to implement questionable features in the device for an additional fee from a third party. Unfortunately, regulators don't care about phone software. The Ministry of Statistics checks only the certification of products for compliance with world and Russian communication standards.The only way to reinsure yourself when buying a push-button phone is to buy a world-class device. Nokia phones, for example, do not contain malware, but their price is often 2-4 times higher than the cost of any DEXP.
