Between December 2018 and October 2019 the malware – software that is designed to damage or compromise computers and networks – generated more than 27.85 million yuan (US$4.25 million) in profit for the two companies, according to a ruling by the court in Yiwu, Zhejiang province.

The malware involved in the Gionee case was designed to execute so-called “live pulling”, a function that would generate clicks, explains Michael Gazeley, managing director at online security service provider Network Box Corporation.

“There are a lot of advertising platforms out there where as you create clicks, those clicks are worth a tiny amount of money each,” he said. “Of course if you generate millions and millions of clicks, then that actually becomes a significant income.”

Apple’s iPhone 12 launches in China to strong demand

The key difference between the Gionee malware case and similar click fraud cases is that normally, an attacker needs to find a third-party way to get their malware onto devices, Gazeley said. The motivation in this case seems to be that the employees were simply desperate to find another way to make money, according to Gazeley.

The bottom line, however, is that Gionee already had the “right” to install whatever code they wanted.

“This is part of a much wider threat vector; namely vendors, vendor staff, and perhaps even governmental directives, resulting in backdoors, rogue administrative access, and vulnerabilities, which put organisations’ and individuals’ data, privacy, and security, at risk,” said Gazeley.

Gionee is in fact no longer a Chinese brand. After a string of financial difficulties, the Shenzhen-based company went bankrupt in 2018 and sold its India operations and the rights to use the brand for 10 years to Karbonn Mobiles, owned by Delhi-based Jaina Group. The company did not respond to a request for comment.

However, Gionee’s malware case has reignited concerns over Chinese budget smartphone makers, many of which have built their businesses in developing markets where high-end handsets, such as an Apple iPhone or Samsung Galaxy, are out of reach for most.

In August, cybersecurity company Secure-D uncovered that malware was secretly infecting smartphones made by Transsion, a company that is little known in the West but which has become a popular brand in Africa, thanks to its affordable handsets.

The malware, found in 53,000 devices of Transsion’s brand Tecno, generated fake clicks, attempted to subscribe users to paid apps and services and installed other suspicious apps without the users’ knowledge, using up their data in the process, according to Secure-D.

Huawei pushes release of new 5G smartphones despite US sanctions

Transsion told BuzzFeed in August that the malware was installed in the supply chain without its knowledge.

“The fact that the Triada malware infected multiple manufacturers around the same time period, together with Transsion’s subsequent efforts to remove it from their devices, suggests that … Transsion was not complicit in the purposeful infection of their devices,” Geoffrey Cleaves, head of Secure-D, told the Post.

Other budget smartphones from China have faced issues in keeping their systems and phones clean of malware.

Last year, Secure-D found an ad-fraud app on Alcatel phones in Brazil and Malaysia made by TCL Corporation, a Chinese tech firm that also used to make Blackberry devices. UMX (Unimax) Communications, another Chinese brand specialising in low cost phones, was found to have malware installed on one of its phones by cybersecurity company Malwarebytes at the beginning of 2020. Both companies subsequently stated that they have fixed the problems.

This is not even the first time that Gionee smartphones were found to be infected with malware. In 2014, IT security consultancy Lookout found malware preinstalled on Gionee phones alongside handsets from another local brand Haier, German media reported at the time.

But some analysts said that malware problems should not be blown out of proportion. Many consumers in developing markets are not even aware of the issue, said Will Wong, manager at telecoms research firm IDC.

“I believe that the reputation of China’s low-budget smartphones is unlikely to be dampened by these scandals,” said Wong.

Xiaomi’s RAM drive for smartphones gives gamers a speed boost

Gionee handsets are still being sold in India as well as China. Although not as popular as big brands such as Samsung and Apple, the company shipped 84,900 units in the third quarter of this year, according to data from IDC. The company released a new handset this week called the Gionee K30 Pro.

Meanwhile, cheaper smartphones may be getting even more popular, with Covid-19 lockdowns and restrictions forcing millions more people to work and educate themselves from home. For budget-conscious consumers that cannot afford devices like a tablet or notebook, an affordable smartphone is a common solution, said IDC’s Wong, which could mean that more users are potentially exposed to unwanted malware.