Security company G Data has identified more than 20 mobile phones with malware. The malware is embedded in a legitimate app, such as Facebook, which is sometimes preinstalled on phones. It can read and send text messages, install other apps, collect and change call data, grab location information, record phone calls or send premium SMSes. Many of the suspect phones are sold in Asia and Europe through third parties or middlemen, G Data says. It’s impossible for consumers to remove since it resides inside the phone’s firmware.”]
Source: https://www.csoonline.com/article/2979553/bought-a-brand-new-phone-it-could-still-have-malware.html