Pre-installed Backdoor On 700 Million Android Phones Sending Users’ Data To China

http://thehackernews.com/2016/11/hacking-android-smartphone.html?m=1

Scary if numbers and details are correct..

1 Comment

  1. Tomi Engdahl says:

    Security bods find Android phoning home. Home being China
    Kryptowire uncovers firmware sending texts, contacts and everything else
    http://www.theregister.co.uk/2016/11/15/android_phoning_home_to_china/

    Security researchers have uncovered a secret backdoor in Android phones that sends almost all personally identifiable information to servers based in China.

    The firmware is managed by Shanghai Adups Technology, and according to the company, is contained on over 700 million phones worldwide, including phones available in the United States.

    Adups says that the firmware provides companies with data for customer support, but an analysis by Kryptowire revealed that the software sends the full bodies of text messages, contact lists, call history with full telephone numbers, and unique device identifiers including the International Mobile Subscriber Identity and the International Mobile Station Equipment Identity.

    Or, in other words, everything that you would need to keep someone under surveillance.

    Although Shanghai Adups is not affiliated with the Chinese government, the discovery of the firmware is being taken very seriously by US government officials: not least because the firmware does not disclose what it is doing and the firmware – spyware – comes pre-installed on new phones.

    Kryptowire Discovered Mobile Phone Firmware That Transmitted Personally Identifiable Information (PII) Without User Consent Or Disclosure
    http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html

    ryptowire has identified several models of Android mobile devices that contained firmware that collected sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users’ consent. These devices were available through major US-based online retailers (Amazon, BestBuy, for example) and included popular smartphones such as the BLU R1 HD. The core of the monitoring activities took place using a commercial Firmware Over The Air (FOTA) update software system that was shipped with the Android devices we tested and were managed by a company named Shanghai Adups Technology Co. Ltd.

    These devices actively transmitted user and device information including the full-body of text messages, contact lists, call history with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI). The firmware that shipped with the mobile devices and subsequent updates allowed for the remote installation of applications without the users’ consent and, in some versions of the software, the transmission of fine-grained device location information.

    Our findings are based on both code and network analysis of the firmware. The user and device information was collected automatically and transmitted periodically without the users’ consent or knowledge.

    In September 2016, Adups claimed on its web site to have a world-wide presence with over 700 million active users, and a market share exceeding 70% across over 150 countries and regions with offices in Shanghai, Shenzhen, Beijing, Tokyo, New Delhi, and Miami. The Adups web site also stated that it produces firmware that is integrated in more than 400 leading mobile operators, semiconductor vendors, and device manufacturers spanning from wearable and mobile devices to cars and televisions.

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*