A weather app that comes preinstalled on Alcatel smartphones contained malware that surreptitiously subscribed device owners to premium phone numbers behind their backs.
The app, named "Weather Forecast-World Weather Accurate Radar," was developed by TCL Corporation[1], a Chinese electronics company that among other things owns the Alcatel, BlackBerry, and Palm brands.
The app is one of the default apps that TCL installs on Alcatel smartphones, but it was also made available on the Play Store for all Android users --where it had been downloaded and installed more than ten million times.
But at one point last year, both the app included on some Alcatel devices and the one that was available on the Play Store were compromised with malware. How the malware was added to the app is unclear. TCL has not responded to phone calls requesting comment made by ZDNet this week.
App caused financial losses to users
The infection came to light last summer, when Upstream, a UK-based mobile security firm, discovered suspicious traffic originating from the smartphones of some of its customers.
In a report[2] published this week and shared with ZDNet, the company says it initially detected that the app was harvesting users' data and sending it to a server in China. The app collected geographic locations, email addresses, and IMEI codes, which it sent back to TCL.
But this weather app isn't the only suspicious app with intrusive permissions that collects data and sends it back to China. There are plenty of those around already.
Upstream devs also found that in certain regions, the malicious code hidden inside the app would also attempt to subscribe users to premium phone numbers that