Security researchers have discovered malware inside android systems on low-cost smartphones such as,
Leagoo M5 Plus, Leagoo M8, Nomu S10 and Nomu S20.
Not all of the above models have been affected, but only some of them.
The phones came installed with Triada banking trojan.
Discovered by Russian cyber security vendors, Dr.Web, infected phone models came with the malaware Triada version
hidden within the processes of Android OS Zygote.
This type of virus was first discovered in March 2016 which,
was discovered to work as an Android trojan for banking systems.
Over time Triada got features becoming an all-around threat to be used to steal credentials, browser history, to download and install adware applications.
This is not the first time the smartphone line is compromised. Something like that has happened before and this is attributed to dubious distributors.
It is very bad when malaware or backdoors come from freeware vendors rather than from distributors of third parties.