Gionee illegally planted malware on more than 20 million phones

Gionee was once a thriving smartphone brand but it had a miserable failure. The company declared bankruptcy in November 2018 and its chairman was found to have lost over $144 million to gambling. However, it seems like the buck did not stop there. The Chinese smartphone maker reportedly engaged in dishonest behaviour to make money from smartphones sold by the brand.

Also Read: Philips seeks ban on Xiaomi phones in India for alleged patent infringement

The China Judgement Document Network has found that Gionee indulged in illegal control of computer information systems. In a published verdict, the court found that the smartphone maker intentionally planted more than 20 million Gionee smartphones with Trojan horse malware. This was done via an app between December 2018 and October 2019.

Gionee intentionally plants malware on its phones


Gionee M12 was unveiled in Nigeria last month

The verdict further notes that Gionee intended to profit off from users through unsolicited ads and other illegitimate means. The court also found that Beijing Baice Technology Co., Ltd. secretly worked with Gionee subsidiary Shenzhen Zhipu Technology Co., Ltd. to implant Trojan horse programs into Gionee users’ smartphones. They used the update released for “Story Lock Screen” app to implant malware on devices.

The discovery shows that the app automatically updated on the affected Gionee mobile phones without the user’s knowledge using the pull method. In December 2018, Wang Dengke reportedly proposed the idea of implanting the hot update plug-in “Dark Horse Platform” into apps such as “Story Lock Screen”. Dengke intended to take advantage of the inefficiency of the existing “pull” method.

Later, the app and its SDK version were upgraded with Trojan plug-in and then the “Dark Horse Platform” was used to install and update the “Living Trojan Horse” without knowledge of the user. The proposal was implemented later that month. The court document reveals that both the companies successfully executed the pull activity a total of 2.88 billion times.

From April 2019, the number of devices covered by the monthly “pull activity” is estimated to be more than 21.75 million. In October 2019 alone, 2,65,19,921 Gionee devices were involved in this fraudulent activity. Both Beijing Baice Technology Co., Ltd. and Shenzhen Zhipu Technology Co., Ltd. are estimated to have made a revenue of RMB 27.85 million (~ Rs 315 million) against an expense of RMB 8.425 million (~ Rs 95 million).

Court finds Gionee committed the crime

The court ruled that the defendant Shenzhen Zhipu Technology Co., Ltd. committed the crime of illegally controlling the computer information software. It also found defendants Xu Li, Zhu Ying, Jia Zhengqiang, and Pan Qi. They were sentenced to three to three years and six months of jail terms and were slapped with a fine of RMB 2,00,000 (~ Rs 22,56,562).

This practice of installing adware is common among Chinese smartphone makers. A report published in August found such malware in phones from Infinix and Tecno made by Transsion Holdings. The idea is to steal money from user’s by displaying ads and sending clicks to ads without the user’s knowledge.

However, the scale at which Gionee operated this scam raises eyebrows. Shenzhen Zhipu is a subsidiary of Shenzhen Gionee Communication Equipment Co., Ltd. The latter holds 85 percent of the shares of Shenzhen Zhipu, which operates in computer software technology development. It has a registered capital of RMB 10 million and Xu Li is listed as legal representative.