I'm guessing pretty much everybody assumes that when he/she buys a brand new phone, it comes free of any spyware, viruses or other malware. Apparently this assumption is incorrect in some cases as G Data, a well-known security company from Germany, has recently discovered 21 phone models which came with pre-installed malware right out of the box. According to the German company, the malware was inserted into legitimate pre-packed apps such as Facebook which means that you couldn't get rid of it without rooting the device.
As far as the report goes, it doesn't seem that the manufacturers are pre-packing malware but that the third-parties who sell you the phone do it. Andy Hayter, Security Evangelist at G Data (yes, that's an actual job title) wrote: "Somebody is unlocking the phone and putting the malware on there and relocking the phone." If you're interested in the list of smartphone models found to have pre-installed malware, here it is: Xiaomi MI3, Huawei G510, Lenovo S860, Alps A24, Alps 809T, Alps H9001, Alps 2206 Alps, PrimuxZeta, Alps N3, Alps ZP100, Alps 709, Alps GQ2002, Alps N9389, Android P8, ConCorde SmartPhone6500, DJC touchtalk, ITOUCH NoName S806i, SESONN N9500, SESONN P8 and Xido X1111.
As a personal note, I'm not totally sure about how much of this is actually true and how much it's a publicity stunt pulled by G Data to promote itself. The report they published lacks a lot of important information such as "Where were the models bought from?" and "Were all of the devices infected or just some of them?". Furthermore, the document mentions G Data's Antivirus software a lot so, I'm not saying that this all is just a hoax, but that I'm not 100% convinced by it either.
To read the entire G Data report, click on this link.