Previous Story
Some Cheap Android Smartphones Are Reportedly Stealing User Data
Posted On Nov 17 2016
Comment: Off
All three manufacturers sell phones in the United Kingdom, although it is unclear how widespread the software is used.
BLU, a massive seller of unlocked smartphones based here in the US (Florida, to be exact), announced this morning that it encountered a large security threat for a number of its users. Notably, even anti-virus and other security software on phones were not able to discover the threat, as they normally disregard software already bundled on the phone by the smartphone manufacturer. It maintains it was unaware it was being installed on its phones though.
Adups told The New York Times that the software was never meant for American phones. If it reads 5.0.x to 5.3.x, Blu asks that you contact it immediately. “We moved very quickly to correct it”.
To mention, AdUps provides its software to handset manufacturers like ZTE and Huawei, which vend their Android phones across over 150 countries and regions.
“Our findings are based on both code and network analysis of the firmware”.
Later, a lawyer for Shanghai AdUps Technologies told The New York Times that the data was not being collected for the Chinese government, stating: “This is a private company that made a mistake”. The idea is that your phone sends all text messages to China after a specific period of time. BLU Products did confirm that AdUps was running on a lot of the smartphones, denied any nefarious activities, and said that the firmware was being deleted from the devices.
How does the Adups software work? The company, naturally, apologizes to its partners and users. Is there the potential this data could be used for spying on the behalf of the Chinese government?
AdUps did fix the problem on 120,000 Blu phones, but that’s not the end of the story.
Some of the affected smartphones include the following: Advance 4.0 L2, R1 HD, Energy X Plus 2, Studio Touch, Neo XL, and Energy Diamond. There have been no confirmed phone models from those companies as being affected as of yet. The user’s consent to the surveillance is not required at any point while using the phone.
Security contractors have recently discovered a backdoor in the form of pre-installed software that monitors the location of the smartphone’s user, as well as whom they talk to and what they write in their text messages. She did not identify the company that requested it and said she did not know how many phones were affected.
