Spyware-bearing Galaxy S4 clone gets banned from eBay

by: Edgar CervantesJune 20, 2014

star n9500

Buying smartphone clones can prove to be a dangerous activity, often causing more headaches than their discounted prices are worth. Proof of such devices’ danger manifested itself in the form of a spyware-bearing Samsung Galaxy S4 clone discovered this week.

The Star N9500 is nearly identical to Samsung’s past-generation flagship device, both inside and out, but it carried very nasty malware within. The news spread all over the web after German security firm G Data revealed the malicious nature of the device, to which eBay reacted by banning the smartphone from its storefront.

ebay for android

The €130 to €165 Star N9500 is no longer available from eBay, reducing the company’s global reach by titanic proportions. Said device’s manufacturer deserved no less than this, as they were taking users’ private information with no consent.

The Star N9500 could “retrieve personal data, intercept calls and online banking data, read emails and text messages or control the camera and microphone remotely”, sending everything to a Chinese server. All while camouflaged as the Google Play Store in the process management settings.

android trojan spyware star n9500 G Data

The malware could not be removed, as it was baked right into the firmware, and it prevented security updates. Needless to say, it was one nasty little bug you don’t want to run across.

No longer will future customers need to worry about this specific smartphone, but try to be careful when choosing your next phone. Clones coming from less than reputable manufacturers will have their problems. We wish these were all performance problems, but some may even attempt to take your privacy and information, as did the Star N9500.

Choose wisely and try to stick to well-known brands. As for eBay’s decision, we must tip our hats to them. It was the best they could have done for their customers. We certainly wish more retailers and sellers were as sincere.

  • More great PR for clone makers.

  • MasterMuffin

    I hope GooPhones are clean!

    “The Star N9500 was is nearly identical” :)

    • Android Developer

      Do you have one?
      I wonder how well they perform in performance, battery, communication, radiation, etc…

      • MasterMuffin

        No I don’t, but I like them. So shameless :D

        • Android Developer

          what do you like about them (except the price) ?
          Have you seen one in real life?

          • MasterMuffin

            I just like how utterly shameless they are :)

          • Android Developer

            Why? because they look similar to other devices?
            At least they don’t put the same branding (logo), or call it the same device.
            I hope that even China has a law for this.

          • MasterMuffin

            I hope you’re kidding

          • Android Developer

            kidding about which part?

  • Jayfeather787

    I think that this will still be managed to be sold on ebay. Sellers will try to get around this, but we shall see.

    • blusasuke

      They’ll change the name and have the phones back up in a week from the same sellers under new names.

  • flamencoguy

    Planted by hacker or manufacturer or an employee who was not authorized to do that? Many possibilities? Or just someone out to frame company> take your pick

  • Don Gerrard

    Don’t buy any clone phones, I bough one for my Daughter a copy note 3 and she was hacked the day she started using it. SMS messages were sent to international numbers every minute 24 hrs per day costing her a $1000 monthly phone bill that we are just trying to recover from the phone company. Don’t worry i’m tech savvy and done a lot of research but have been done like a dinner. I have emailed the seller of the phone, but as the usual excuse is, “no we would never do that out phones are good” tell that to the other 50,000 people you ripped off X $1000 not bad income. Good luck guys go ahead and buy if you dare but I will never again.

    • The Lion

      maybe you should have examined the phone thoroughly before using it and removed everything that is not stock android .

      • Don Gerrard

        Have you ever heard of firmware embedded obviously not, cant be removed

        • Android Developer

          If it’s an app that did it, you can root and remove it.
          If not, flash a rom (if there is any).

    • Mike Reid

      Low quality is enough not to buy these so called “clones”.

      Better off getting the real thing used.

  • The Lion

    Have to say this is an isolated example having lots of friends with chinese phones , i have a Cubot which once the crapware was removed after rooting is a fantastic phone with very little difference in performance between it and my S4 it even has stock android it was less than £120 and the easiest phone EVER to root .If you think about it its no different to someone installing a spyware laden app from the play store the only difference is it was preinstalled which says check the bloody thing over BEFORE using it and remove all the crap , you could buy a second hand or refurbed phone or pc or laptop with spyware on it if you don’t check it over it serves you right for being so naive!

    • Don Gerrard

      100% of chinese phone are rooted how do you think they get operating systems such as kitkat on them in the first place

      • Android Developer

        You don’t have to root your phone to flash a rom.

    • tabuburn

      “baked right into the firmware” – I don’t think we need to say anything more. Even if you root that, it’ll still be there unless you flash a different and clean firmware.

      Besides, the large majority of smartphone users are not as tech savvy as we are and just run their’s stock. Also, the article did not bash Chinese phones in general. They are aiming at the knock-off brands and not the established ones like Xiaomi, Oppo, etc.

      • Brian Tucker

        Rooting and flashing stable custom rom would settle it or downloading the original s4 rom Odin it

  • NikkiPinodyo

    My Uncle Riley got an almost
    new red GMC Canyon just by some parttime working online with a laptop. visit
    their website F­i­s­c­a­l­p­o­s­t­.­C­O­M­

  • Tim B.

    well was the spyware there if you flashed another rom?

  • MoogleStiltzkin

    does this issue also affect the “alps GT-I9500” ?

  • Dave

    people wake up! Dont blame on the clone. i see the code atleast whole malaysia andriod with all major branded smartphone! The hack is from network injection via boot.img and recovery.img /sbin/adbd. With network remote adb push firmware init.rc is modify then hacker have total control of then phone and replace google play store, service, facebook, whatsapp. Also root evelated network socket created before the phone put back to unroot mode. It happen during boot time in splite second! I have check, samsung, nokia, lenovo, sony, htc all has been affected here in KL malaysia. The commercial spy is already in mass hacking action now!

    • Dave

      The only way to avoid infection is to remove /sbin/adbd in both boot.img and recovery.img then load back a clean original rom together with the modification before boot. Else the code is back again “from the air” telco network frequency. I hv own and tested all major brand here in Malaysia. Is a big security hole in andriod but no one is listening … So i share this to those who believe and do further investigate …

  • As if genuine ones didn’t came with built-in malware…