Incident: Chinese Tecno Phones Sold in Africa Contain Malware Subscription Scam

Published Date: 2020-08-25

Postmortem Analysis
Timeline
1. The incident is dated to March 2018, when Tecno Mobile issued a fix for the issue [103942].

System
1. Tecno W2 smartphones
2. Android operating system
3. Triada malware
4. xHelper malicious code

Responsible Organization
1. The manufacturer, Transsion Holdings, was responsible for the incident, as the malware was found on thousands of Tecno smartphones sold in Africa [103942].
2. Third-party vendors, which manufacturers use to install features such as face unlock, were also blamed by Google for pre-installing the Triada malware on Android smartphones [103942].

Impacted Organization
1. Users of Tecno W2 smartphones in Africa were impacted by the incident [103942].

Software Causes
1. The presence of malware, specifically the Triada malware, on thousands of Tecno W2 smartphones sold in Africa [103942].

Non-software Causes
1. Supply chain compromise: the malware was installed in the supply chain without the knowledge of the manufacturer, Transsion [103942].
2. Insufficient security checks: despite claims of rigorous security checks, the malware was still pre-installed on the devices [103942].

Impacts
1. The malware found on thousands of Tecno W2 smartphones signed users up to subscription services without their permission; fraudulent requests were submitted on the users' behalf invisibly and without their knowledge, consuming pre-paid airtime [103942].
2. Upstream found suspicious activity on more than 200,000 Tecno smartphones, indicating widespread impact on users in countries including Ethiopia, Cameroon, Egypt, Ghana and South Africa [103942].
3. The incident highlighted the exposure of the low-income households that bought these smartphones and the difficulty the industry has in ensuring consumer data security and product safety [103942].
4. Similar pre-installed malware has been reported in the past on other Chinese Android phones and even on a government-subsidized handset in the US, indicating a recurring problem in the industry [103942].

Preventions
1. Rigorous supply chain security measures to detect and prevent the installation of malware during manufacturing [103942].
2. Thorough security checks and audits of all software and applications pre-installed on devices before they are sold to consumers [103942].
3. Regular updating and patching of software vulnerabilities to address known security issues, as demonstrated by Tecno Mobile issuing a fix in response to the incident [103942].

Fixes
1. Tecno Mobile issued a fix for the Triada malware in March 2018 and recommended that affected consumers download the over-the-air fix on their phone and install it, or contact Tecno's after-sales service support for assistance [103942].
2. Manufacturers such as Transsion Holdings need stricter supply chain security measures to prevent malware from being installed on devices without their knowledge [103942].
3. Google, as the developer of the Android operating system, should work closely with third-party vendors to ensure that pre-installed features do not contain malware such as Triada [103942].

References
1. Upstream: anti-fraud firm that found the malicious code on Tecno handsets [103942]
2. Transsion: manufacturer of the Tecno smartphones mentioned in the article [103942]
3. Geoffrey Cleaves: head of Upstream's Secure-D platform, who provided insights on the malware issue [103942]
4. IDC: research firm that named Transsion Holdings as one of China's leading phone manufacturers in Africa [103942]
5. Tecno Mobile: responded to the issue and provided information on the fix for the Triada malware [103942]
6. Malwarebytes: security firm that warned about similar pre-installed apps on Chinese Android phones [103942]
7. Ryan Johnson: researcher who found malware on Android smartphones in 2016 [103942]
8. Google: mentioned in the article as being aware of third-party vendors pre-installing the Triada malware [103942]

Software Taxonomy of Faults

Category: Recurring
Option: one_organization, multiple_organization
Rationale:
(a) Pre-installed malware on smartphones has recurred within the same organization. Tecno, a Chinese phone manufacturer, had a similar incident in the past with its Tecno W2 smartphones: the Triada malware, which signs users up for subscription services without their permission, was found on thousands of Tecno handsets sold in Africa [103942].
(b) The same kind of incident has also happened at other organizations. Security firm Malwarebytes previously warned about similar pre-installed apps on another Chinese Android phone, the UMX U686CL, which was offered to low-income families in the US through a government scheme. In 2016, researcher Ryan Johnson found that over 700 million Android smartphones had malware installed. Google, the developer of the Android operating system, has been aware of such issues and attributes the problem to third-party vendors used by manufacturers [103942].

Category: Phase (Design/Operation)
Option: design, operation
Rationale:
(a) Design: the malware found on thousands of Tecno W2 smartphones sold in Africa, known as Triada, was pre-installed on the handsets during the supply chain process without the manufacturer's knowledge [103942]. This indicates a failure in the design and development phase of the system, where malicious code was introduced into the devices before they reached end users.
(b) Operation: the failure is also evident in how the Triada malware operated on the Tecno smartphones. It signed users up to subscription services without their permission, invisibly and without their knowledge, so that fraudulent requests were submitted on their behalf and consumed pre-paid airtime for digital services in developing countries [103942]. This is a failure in the operation of the system, where unauthorized actions carried out by the malware affected users' experience and financial resources.

Category: Boundary (Internal/External)
Option: within_system
Rationale:
(a) within_system:
- The malicious code known as xHelper was installed within the Tecno W2 devices during the supply chain process without the manufacturer's knowledge [103942].
- The Triada malware responsible for the fraudulent subscription requests was found pre-installed on the Android smartphones, indicating an internal issue in which the malware was embedded in the devices before they reached end users [103942].
(b) outside_system:
- The article gives no indication that the failure was caused by contributing factors originating from outside the system.

Category: Nature (Human/Non-human)
Option: non-human_actions
Rationale:
(a) The incident was primarily due to non-human actions. The Triada malware was found pre-installed on thousands of Tecno W2 smartphones sold in Africa and signed users up to subscription services without their permission, consuming pre-paid airtime invisibly and without the user's knowledge [103942].
(b) The article does not mention any specific human actions that directly contributed to the incident. The manufacturer, Transsion, stated that the malware was installed in the supply chain without its knowledge, indicating that human actions within the company were not intentional contributors to the failure.

Category: Dimension (Hardware/Software)
Option: hardware, software
Rationale:
(a) Hardware:
- Thousands of Tecno W2 smartphones were found to contain the Triada malware, which installs malicious code known as xHelper [103942].
- The malware was found pre-installed on handsets sold in several African countries, indicating that the issue originated in the hardware supply chain [103942].
(b) Software:
- The Triada malware, the cause of the incident, installs the xHelper malicious code on the Android smartphones, leading to fraudulent requests being submitted on behalf of users without their knowledge [103942].
- The malware takes advantage of vulnerabilities in the smartphones' software, allowing it to invisibly consume pre-paid airtime for digital services [103942].

Category: Objective (Malicious/Non-malicious)
Option: malicious
Rationale:
(a) The incident is malicious. Malware pre-installed on thousands of Tecno W2 smartphones signed users up to subscription services without their permission. The malware, known as Triada, installed malicious code that submitted fraudulent requests on behalf of users, consuming pre-paid airtime without their knowledge. This was done invisibly and took advantage of vulnerable users, particularly in developing countries [103942]. The malware was installed in the supply chain without the manufacturer's knowledge, indicating a deliberate act to harm users and exploit their devices for fraud.

Category: Intent (Poor/Accidental Decisions)
Option: poor_decisions, accidental_decisions
Rationale:
(a) Poor decisions: the incident can be attributed to poor decisions in the supply chain. The malware was installed on the devices without the knowledge of the manufacturer, Transsion. Upstream, the anti-fraud firm, highlighted that the malware was taking advantage of vulnerable users, particularly those in low-income households who bought these smartphones [103942].
(b) Accidental decisions: the incident can also be linked to unintended consequences. The malicious code on the Tecno smartphones signed users up for subscription services without their permission, leading to fraudulent requests being submitted invisibly and consuming pre-paid airtime. This consequence of the malware installation affected users in developing countries who rely on pre-paid airtime for digital services [103942].

Category: Capability (Incompetence/Accidental)
Option: development_incompetence, accidental
Rationale:
(a) Development incompetence: the Triada malware, which signed users up to subscription services without their permission, was pre-installed on the handsets during the supply chain process without the manufacturer's knowledge [103942]. This indicates a lack of professional competence in ensuring the security and integrity of the software during the development and manufacturing stages.
(b) Accidental: the malicious code was installed on the smartphones without the manufacturer's knowledge. Transsion stated that the malware was installed in the supply chain without its awareness, indicating an accidental introduction of the malicious software onto the devices [103942].

Category: Duration
Option: permanent
Rationale:
(a) The incident can be considered permanent. Malware containing Triada code was found on thousands of Tecno W2 smartphones sold in Africa, affecting a significant number of devices [103942]. The malicious code was pre-installed on the handsets in the supply chain, indicating a systemic issue affecting many devices and users. The article also notes that similar pre-installed malware has been found on other devices in the past, suggesting a recurring problem in the industry [103942].

Category: Behaviour
Option: omission, value, other
Rationale:
(a) crash: the incident is not a crash, in which the system loses state and performs none of its intended functions [103942].
(b) omission: the incident is an omission, in which the system fails to perform its intended functions at one or more instances. The malware on the Tecno W2 smartphones signed users up to subscription services without their permission, submitting fraudulent requests on their behalf invisibly and without their knowledge [103942].
(c) timing: the incident is not a timing failure, in which the system performs its intended functions correctly but too late or too early [103942].
(d) value: the incident is a value failure, in which the system performs its intended functions incorrectly. The Triada malware on the Android smartphones installed malicious code that consumed pre-paid airtime for digital services without the user's knowledge or permission [103942].
(e) byzantine: the incident is not a byzantine failure, in which the system behaves erroneously with inconsistent responses and interactions [103942].
(f) other: the incident involves the pre-installation of malware on smartphones sold to low-income households, leading to fraudulent activity without the users' knowledge. This behaviour could be categorized as a security breach or a form of exploitation of vulnerable users [103942].

IoT System Layer

Layer          Option  Rationale
Perception     None    None
Communication  None    None
Application    None    None

Other Details

Category: Consequence
Option: no_consequence
Rationale:
(a) death (people lost their lives due to the software failure): the article does not mention any deaths resulting from the incident [103942].

Category: Domain
Option: information
Rationale:
(a) The incident reported in the news article relates to the production and distribution of information. It involved malware pre-installed on Tecno W2 smartphones that signed users up to subscription services without their permission [103942].
