When this started, phone owners got a call from the police and were requested by the police to go to the office where a complaint was issued. This meant that these phone users had to travel long distances on their own costs and their personal leave days from office. In contrast to the news, these were not only elderly people if much younger than 60 is not considered “eldery” . If they did not go there to make a formal statement, the police would held them accountable as as suspect . The malware hackers use the infected phone’s phone number to sell game points but the buyers never received the points and only had the phone number of the seller (which the malware had send to the hacker). Thus those games buyers went to the police with the only evidence of the phone number, and thus the phone owners were the suspects. This is as far I understand the story of one the affected phone users
That created a lot of cost, emotional distress and worries for innocent phone users being considered a criminal while they were now also aware to be in the posession of a hacked phone.
Taiwan Mobile offers an upgrade, but no refunds , compensation for phone user’s costs and lost personal leave, a phone replacement, nor any further investigations and information who is the manufacturer of the phone and the the sources of the malware. They could do better.
Following the news a bit further, it seems the malware was build into the Android operating system from the factory and thus not removable. This should be considered a big thing, (gaming) malware implants in Android OS from the factory should hot happen. The creators of the OS image should sign the image so that the factories never can modify it. Likely the image was controlled and released by Taiwan Mobile but they may have had a severe lack on control. Before pointing at the China manufacturer, Taiwan government should first look deeper and rule out there was lack of security control process of these Taiwan phone companies. The creators of the OS image should be charged for criminal offence.
Since the malware was buried in the OS (kernel) only a few people would and should have had access to such source code. The person with access should easily to be traced back, unless there is a severe lack of security control. Taiwan’s Mobile ISO 27000 certificate should be revoked in case irregularities are found. Taiwan likely underestimates and too much downplays the severity of this case. Potential other companies who haven’t been found with such implants could have products in the wild.
Besides, why did it take the police many months to find a correlation and release information only today which company and model was impacted when all users were using the same phone model from the same telco ? You really don’t need AI for that.
Even last year this issue was already in the news and thus known, then the finger was pointed at China with no mention of what models and companies were involved This points again the bias of “everything China is bad” stance that has infiltrated into all parts of Taiwan society and news channels.
Taiwan Mobile (Taiwan Big Brother) = watching you.