The Federal Office for Information Security (BSI) warns against certain tablets and smartphones that have already arrived or arrived at the customer with malware in their luggage. The authority warns users of these devices to be especially careful.

Specifically, it's about the Tablet Eagle 804 from Krüger & Matz, the smartphone S8 Pro from Ulefone and the smartphone A10 from Blackview. All three devices were ordered by BSI analysts via Amazon. The tablet already came with a pre-installed malware that "makes contact with a well-known Command and Control server", as it is called by the BSI. Although the two phones had no pest in the current version, but the manufacturers offer the Office according to the network only a firmware with a low version number for download - in which then the same malicious software is as in the aforementioned tablet.

So it can be assumed that a little earlier purchased smartphones are also affected. Originally the company Sophos had already reported in October 2018 about corresponding infections in the Ulefone S8 Pro. The conclusion at that time: If a smartphone is too cheap, users could possibly pay in another currency - for example, with their privacy.

Even though these are lesser-known manufacturers, the problem seems to affect some users in Germany: The BSI has data, according to which more than 20,000 connections of different German IP addresses per day would be made with said server. It must therefore be assumed "of a larger dissemination of devices with this malware variant in Germany," it says from the Federal Office. Affected are not only the mentioned, but many more device types.

"Okay for the price," found one user

After the warning of the BSI, Amazon stated to the authorities on Monday evening that they had taken the devices out of the assortment. They were orderable the afternoon before. The German-speaking purchase reviews about for the S8 Pro by Ulefone were mixed, but the phone came through reviews such as "cheap and good" or "okay for the price" at the mail order company to four stars. The A10 from Blackview reached at least 3.8 stars, but here already in May 2018 a user had warned in a review: "Beware of malware". His antivirus program has detected a pest in an app that can not be uninstalled or disabled. This fits Sophos' technical specifications for the S8 Pro from Ulefone.

The malicious software that the BSI warns not only sends device data to the server, but also has a reload function. This means that once the malware is on the device, other Trojans with different functions can be secretly smuggled onto the devices - for example, to spy on bank data or the like.

Affected people get tips on what to do now

Even users who bought one of the phones without malware must be vigilant, according to the agency. "Customers should not surrender to any apparent certainty, they need to know that they are using a device that is easily infectible," says BSI President Arne Schönbohm to SPIEGEL. "If a device is affected, the data can be copied to the device, possibly even the control can be taken over." In any case, online banking or smart home control with the devices is strongly discouraged.

The BSI has informed manufacturers and asked them to restore the safety of their customers. In addition, German providers were informed about infected devices in their networks and asked to warn those affected. On the BSI website, users who own such a device are given tips on what to do next. It is advised to contact the dealer who sold the device and ask for an exchange.