Security News Some U.S. Android Phones Have Secret Backdoor That Sends Data to China

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
It looks like at least one handset manufacturer present on the United States market has serious security issues if we are to believe the latest reports coming from American authorities.

BLU Products, one of the companies that sells Android smartphones in the United States and some other countries from South America, had around 120,000 of its devices affected by a security exploit that could presumably send all text messages to China.

Security contractors have recently discovered a backdoor in the form of pre-installed software that monitors the location of the smartphone's user, as well as whom they talk to and what they write in their text messages.

The said software then sends all the information to China every 72 hours. The secret software has been developed by a Chinese company called Shangai Adups Technology and, according to its officials, it runs on more than 700 million phones worldwide.

So, the problem is not limited to those 120,000 Android smartphones launched by BLU Products in the United States after all.

Furthermore, the security company that found the backdoor, Kryptowire claims that Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data directly to a Chinese server, The New York Timesreports.

Handset makers aren't even aware of the backdoor on their phones
According to Adups officials, the software was designed to help Chinese phone manufacturers to monitor user behavior. Also, the company claims that the version of software found in BLU smartphones was not intended for U.S. phones.

In the meantime, BLU Products removed the secret software from within their smartphones, as soon as they were informed by the security contractors.

According to BLU's chief exec, Samuel Ohev-Zion, the presence of the backdoor was something that they weren't aware of, which is why they have move very quickly to remove it.

It's also worth mentioning that Chinese company Adups provides software to much larger handset makers like ZTE and Huawei, which sell their Android smartphones worldwide, not just in China.
 

tim one

Level 21
Verified
Honorary Member
Top Poster
Malware Hunter
Jul 31, 2014
1,086
That's why I use Adguard firewall to monitor the network traffic of the apps but the problem is to understand which of the illegitimate app can transmit data and above all what data are transmitted.
 

Entreri

Level 7
Verified
May 25, 2015
342
This should obvious to everyone, and anyone who buys Chinese smartphones should be accepting this as normal practice, anyone who did not was very foolish and naive. All their information went directly to the Chinese NSA, from texts, to video, photos, passwords, you name it.

They should also have some wonderful firmware level malware as well on their Chinese smartphones.

At least with American software companies backdoors, Western citizens still have some rights and freedoms. With The Donald in charge, this may slowly change even further for Americans.

It will be very interesting to see if they tried to install Chinese malware on Apple smartphones...I wouldn't think it would be successful, given how thoroughly Apple vets their products.
 
Last edited:

Ana_Filiz

Level 4
Verified
Well-known
Aug 23, 2016
193
One question arise here: how can be sure about the content or purpose of the data sent or in other words what do we know about the data sent out from our phones by various apps that connect to the internet? :)
 

Dirk41

Level 17
Verified
Top Poster
Mar 17, 2016
797
One question arise here: how can be sure about the content or purpose of the data sent or in other words what do we know about the data sent out from our phones by various apps that connect to the internet? :)

You should read privacy policy . As far as they have one :D
 

Vipersd

Level 6
Verified
Dec 14, 2014
285
Privacy Policy is total B.S. It is lawyer dreamland for covering behind fancy and not understandable text to average Joe out there.

Without clear and understandable examples shown before agreing to Privacy Policy how am I supposed to know what data is collected or send to developer or some company.
 
Last edited:

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Selling of information is already a basic pattern in technology aspect.

We have no choice to stop, unless time will come where conditions become below the belt [does not meet in the privacy policy] which we can report it.
 

Fritz

Level 11
Verified
Top Poster
Well-known
Sep 28, 2015
543
Can't say I'm surprised really. If it can be done, it will be done. Period.

What really concerns me though are all the people who couldn't care less about being stripped naked regarding their data.
 

Entreri

Level 7
Verified
May 25, 2015
342
Can't say I'm surprised really. If it can be done, it will be done. Period.

What really concerns me though are all the people who couldn't care less about being stripped naked regarding their data.

Knowledge is power. Chinese agents can manipulate, blackmail foreigners...they will be great tools for Chinese intelligence. Lots of people keep their entire lives on their smartphones. And anytime they want, they could conceivably empty piggy banks.

This kind of malware will not only be used to imprison, murder, control Chinese nationals. China plays by different rules. Rights, human rights? LOL!

As everyone here knows, mass surveillance is all about power and control, it has never stopped one terrorist attack or caught a terrorist.
 
  • Like
Reactions: Fritz

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top