If you own a smartphone, you most likely own an Android phone. If so, your phone could be one of the 700 million phones which secretly sends all your data to China every 3 days.
These phones contain a backdoor of sorts which sends call logs, SMS messages, contact list, location history and app data to China every 72 hours.
Discovered in the U.S
Researchers from Kryptoware have discovered an alleged backdoor in many of the budget smartphones sold in the U.S, which collects and sends data anonymously to a Chinese server. The firmware code in these phones is developed by a Chinese firm called Shanghai AdUps Technology. The company claims that its software runs on more than 700 million devices across the world.
AdUps provides its software for smartphone manufacturers like Huawei and ZTE as well which also sell their phones in various countries all over the world. Qmobile also gets its phones from China and those phones could also be at risk. For the time being, there has been no mention of OnePlus or Xiaomi in this case.
The backdoor is said to be put there intentionally and not due to a security flaw or by an accident. The authorities are still unsure whether it only sends data for advertisement purposes or as government surveillance by China.
The Backdoor’s Capabilities
The backdoor is capable of executing these operations anonymously without the user knowing about them:
- Collect and Send SMS texts to AdUps’ server every 72 hours.
- Collect and Send call logs to AdUps’ server every 72 hours.
- Collect and Send user personally identifiable information (PII) to AdUps’ server every 24 hours.
- Collect and Send the smartphone’s IMSI and IMEI identifiers.
- Collect and Send geolocation information.
- Collect and Send a list of apps installed on the user’s device.
- Download and Install apps without the user’s consent or knowledge.
- Update or Remove apps.
- Update the phone’s firmware and re-program the device.
- Execute remote commands with elevated privileges on the user’s device.
The backdoor was discovered in two system applications which cannot be modified or removed by the user. They are com.adups.fota.sysoper and com.adups.fota
Kryptoware notified Google, AdUps and Amazon, which exclusively sells the BLU R1 HD phone which also contains the backdoor.
Google and AdUPs’ response
Google issued a statement saying that they are working with affected parties to patch the backdoor but they do not know how widely AdUps has distributed their software in Android phones.
AdUps said that its software was not intended to be included on smartphones sold in America and is only designed to help Chinese smartphone makers to monitor user behavior.
No matter what the company says, the issue is significant and in a world where privacy concerns are growing backdoors like this make you wonder whether you are truly safe or not. There’s also the aspect that US is known to blow a situation out of proportions when it comes to China while the US government themselves have been accessing user data through hacks and backdoors for ages.
Via The Hacker News