Confirmed: Infinix Phones Are Sending Data Back to China

Security researchers have revealed that over 2.8 million low-end Android devices allow attackers to extract personal information and execute commands on the affected phones with root privileges.

Infinix, a brand that operates in Pakistan, is among those that are affected.

This is not the first such incident to come to light this week. Earlier this week, researchers from Kryptowire discovered that Chinese smartphones were carrying permanent, pre-installed firmware which collected sensitive information (messages, call logs and geolocations) and transmitted it to a third-party server in Shanghai, China.

The company responsible for this latest problem is Ragentek Group.

Problem Identification

The researchers reveal that they experienced the problem first-hand when one of them bought a BLU Studio G smartphone from Best Buy.

The researchers claim that the smartphone uses an insecure method of communicating with remote servers and contains an insecure over-the-air system, which is powered by the Ragentek firmware.

The weak security and lack of SSL support enable attackers to act as a man-in-the-middle and interpose themselves in the communication with the OTA server.

There are security concerns with the majority of the applications we use nowadays, but the Anubis researchers say that this issue is much more grave.

Algorithm Covering Its Tracks

On top of these findings, the researchers found another issue. The company’s algorithm, working with two additional algorithms, also includes code which hides its presence from the Android operating system.

The binaries will hide the updates coming to the phone from the developer, thus raising no alarms. The researchers narrowed the main concern down to the lack of SSL protection.

Three OTA server domains were identified by the researchers, only one belonging to the Anubis researchers. The researchers then proceeded to register the other two domains, which allowed them to communicate with all the devices running the Ragentek firmware.

Using the above methods, the researchers gathered information and statistics.

Change In Market

The researchers said that this ought to bring about a massive change in the market as people who are security conscious will move away from brands responsible for exposing their personal information.

BLU was identified as the most affected brand when Kryptowire released their research earlier this week.

[Figure: distribution of vulnerable manufacturers]

The “Others” category was not identified by the researchers.

Compared to the ADUPS backdoor, Ragentek does not collect the information, nor does it store or forward it. However, violating privacy is a punishable crime and should be dealt with accordingly. The jury is still out as to how to proceed with the matter at hand.

Via BleepingComputer



  • Both BLU and Infinix offer phones that are cheaper than their counterparts. There was an article, some time ago, I think on BBC, and they stated there are only two ways to sell cheap smartphones: one is to use low-quality parts, and the second is to install some kind of software which could either collect data or show advertisements (the latter is used by Amazon).

  • The news is everywhere but you never bother to provide a link to the source. Grow up writers, have guts to tell where you collect your information from. This is one of the first rules in publication.

    • Obviously, they just read somewhere and write it here without mentioning anything that could provide more information & detailed proof regarding the accusations. Why would one just believe any writer who writes a post at propakistani!

  • Every mobile which is in use around the globe is sending data back to USA and eventually is in the hands of NSA and US companies share our personal data with Intelligence agencies.
    Courtesy of Edward Snowden who told us about the mass surveillance which has been going on and carried out by Western Governments, but it’s okay if they do but accuse others!
    Really disappointed with ProPakistani which just copy paste these articles, no wonder the quality of Journalism is so low!

        • That’s not fair sir. You were immediately disappointed by the reporting and alleged us things… ahhh… But it’s okay. I understand.

          • Take all negative criticism as a plus point in further advancing propakistani, it’s a good thing if your readers keep themselves updated from different sources, their collective input and feedback can further tailor the site for readers from Pakistan. (Think of them as pro bono propakistani editorial staff.)

            This coming from 2 year + propakistani lurker who rarely takes time to login and post

  • Nothing is fact there just is malicious propaganda against the company, such dirty marketing attacks are made to keep the company out from market. Big companies make big conspiracies against each other.
    I

  • Hahahah, this is ridiculous! What do you think Facebook, YouTube is doing :) So they are sending data to US is China has a data that means you have a chance to be hacked :P and it's good on the other hand if you are sending data to US, I would rather go for China
