Some Android phones offered backdoor access to Chinese servers: Report

By Karthekayan Iyer | Published on 16 Nov 2016
Some Android phones offered backdoor access to Chinese servers: Report
HIGHLIGHTS

Security contractors discovered the preinstalled software in some Android phones monitoring where users go, whom they talk to and what they write in text messages

New Vostro 14 5490 Laptop with 10th Generation Intel core process

It has a RAM of 8GB and 2GB GDDR5 graphics memory. Save Rs.17,000 on this deal

Click here to know more

Software bundled with some Android smartphones are acting as a backdoor to send text messages to China every 72 hours, according to security research firm Kryptowire. Kryptowire says Adups software installed in some Android smartphones transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server.

Security contractors discovered the preinstalled software in some Android phones monitoring where users go, whom they talk to and what they write in text messages. It is unclear whether the software was preinstalled for secretive data mining or Chinese government-sponsored state surveillance. The software created by Shanghai Adups Technology Company comes preinstalled on more than 700 million phones, cars and other smart devices.

Nearly 1,20,000 phones of American phone manufacturer, BLU Products had been affected and the company has updated the software to eliminate the feature, reports The New York Times. Adups in a document provided to BLU Products says it intentionally designed the software to help a Chinese phone manufacturer monitor user behaviour. The company says the software was not intended for American smartphones.

"This is a private company that made a mistake," Lily Lim, a lawyer representing Adups told The New York Times.

While the scope of installation of third party software on smartphones is not clear, it could have proven to be a potential privacy risk to user data. The software also shows how Chinese companies and government are monitoring smartphone behaviour. Adups provides software to ZTE and Huawei - two of the biggest telecommunication business houses based in China.

Adups is responsible for a code that lets companies remotely update the firmware of their devices. "Normally, when a phone manufacturer updates its firmware, it tells customers what it is doing and whether it will use any personal information. Even if that is disclosed in long legal disclosures that customers routinely ignore, it is at least disclosed. That did not happen with the Adups software," Kryptowire told The New York Times.

Google says it has told Adups to remove the surveillance ability from phones running Google Play Store. Android phones sold in China do not offer Google Play services because of censorship concerns.

At this moment, Adups seems to have disabled its software from devices sold outside of China and claims to have deleted the data collected from users of 120,000 affected BLU smartphones. While the vulnerability doesn't seem to be severe, its worth noting that such surveillance can have a catapulting effect on privacy.

logo
Karthekayan Iyer

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.