TCL Weather App Pre-Installed On Alcatel, BlackBerry Phones Collecting Way Too Much Data


A weather app made by TCL, loaded by default on some Alcatel phones and also available in the Play Store, was found by security firm Secure-D to be harvesting users' personal data and using that data to commit fraudulent financial transactions. Those transactions centered around signing users up for various paid subscription services without their consent. Thus far, the activity seems to have only taken place in smaller markets like Brazil, Nigeria and Malaysia. While Secure-D managed to catch many of these attempts and the app has been taken down from the Play Store, the estimated cost to users if the attempts had been successful is around $1.5 million in total. The threat has seemingly been neutralized at this time, but owners of Alcatel and Blackberry phones would do well to disable their stock weather app and use another, and those who have downloaded it from the Play Store are urged to uninstall it and use a different app.

Background: The findings began with reports of fraudulent transactions received by Secure-D. These reports seemed to originate largely from Alcatel Pixi 4 and Alcatel Max A3 smartphones in the affected regions. Upon further investigation, Secure-D was able to determine that all of the similar-looking fraudulent transaction requests originated from the same app across devices. The weather app in question has a number of possibly invasive permissions that are required for usage, and in particular, it was found to be sending users' physical locations, IMEI numbers, and email addresses to a server in China. While the location is par for the course with weather apps, the users' email addresses and device IMEI numbers are not typically useful to the core function of such an app, and thus, should raise alarm bells with security-conscious users. Secure-D investigated the matter by securing a number of allegedly affected devices, and operating them in a monitored environment. The devices showed noticeable lag, as reported by users, and as soon as they began operating, started sending data and requests to servers in China that were seemingly unrelated to the app's advertised weather function. The app was also found to be committing ad fraud, which ate up users' data allotments and affected device and network speeds, by making large numbers of web requests to advertisers and sending clicks. These clicks often resulted in purchasing paid subscriptions either using billing information stored on the device, or by billing subscriptions to a user's carrier bill.

Impact: The app's play store rating, 4.4 stars as of this writing, may also be fraudulent. Many of the 5 star ratings for the app only had one or two words, and they were found to be drowning out a good number of one and two star reviews that point out some of the problems with the app that users face, such as slowing down devices or using up far more mobile data than a weather app has any business using. While no outside investigations, criminal or otherwise, have been announced at this time, this development could have far-reaching implications. For starters, TCL manufactures Alcatel phones on license from Nokia, and also manufactures BlackBerry devices with the blessing of the company that once did so, back when the brand was in its heyday. No such activity has been detected on any other apps associated with TCL, Alcatel, or BlackBerry as of this writing, though caution should be taken with any apps made by TCL. In fact, it's good practice to take a close look at all of the permissions for any app you install. A link to the app in the Play Store is provided below for reference. For obvious reasons, Android Headlines does not recommend installing the app.

Share this page

Copyright ©2019 Android Headlines. All Rights Reserved.

This post may contain affiliate links. See our privacy policy for more information.
Senior Staff Writer

Daniel has been writing for Android Headlines since 2015, and is one of the site's Senior Staff Writers. He's been living the Android life since 2010, and has been interested in technology of all sorts since childhood. His personal, educational and professional backgrounds in computer science, gaming, literature, and music leave him uniquely equipped to handle a wide range of news topics for the site. These include the likes of machine learning, Voice assistants, AI technology development news in the Android world. Contact him at [email protected]

View Comments