120K BLU Phones Affected by Security Breach, Texts and Call Logs Harvested

...

BLU, a massive seller of unlocked smartphones based here in the US (Florida, to be exact), announced this morning that it encountered a large security threat for a number of its users. In total, the company claims that the threat associated with a “Wireless Update” 3rd-party application affects about 120,000 devices. 

To sum up what was taking place, the application, which is intended to be used to update the OS on devices, was harvesting text messages, call logs, and contacts. As of right now, BLU states that the app has been “self-updated,” and the harvesting function has been terminated. Furthermore, and a bit on the scary side, the security firm that discovered this vulnerability, Kryptowire, claims that all of this harvested information was being sent over to a Chinese server.

The process of checking to see if your BLU phone is affected is quite simple. Settings > Apps > Show System > Wireless Update. If your version of Wireless Update is from 5.0.x to 5.3.x, contact BLU immediately. If your version doesn’t fall into that category, you are fine, according to BLU.

Below is a list of affected models.

Here is the message that BLU posted to its website.

BLU Products has identified and has quickly removed a recent security issue caused by a 3rd party application which had been collecting unauthorized personal data in the form of text messages, call logs, and contacts from customers using a limited number of BLU mobile devices.

Our customer’s privacy and security are of the upmost importance and priority.

The affected application has since been self-updated and the functionality verified to be no longer collecting or sending this information.

If you have any concerns or questions in regards to your BLU Smartphone, feel free to contact us directly at www.bluproducts.com/service, call us at 1-877-602-8762, or email us at [email protected].

As I mentioned, this app is used to update a smartphone’s OS, but due to this threat, BLU states it is now working with Google to utilize Google’s own OTA procedure and servers for future devices.

Categories
E-COMMERCE
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    Amazon Introduces Alexa-Exclusive Deals This Weekend

    21, ask the intelligent personal assistant for daily deals, or go online to see a list of the day's offers.It's as simple as saying "Alexa, order [product].
  • 5300c769af79e

    Microsoft and LinkedIn Go All In

    The acquisition furthers Microsoft's effort to extend the breadth of its content portfolio and to integrate its offerings into its platform of cloud services.The companies jointly announced the deal: Microsoft will pay $196 a share in cash for LinkedIn, which will retain its brand, culture and independence under the new structure.
  • 5300c769af79e

    Get Smart With Stacey: How to Control Outdoor Halloween Lights

    This weekend, we decorated for Halloween, which means a few sets of lights, an LED spider, and some cheap spider webs.My connected Halloween lighting looks like this in the front: And this is the back: Not like this, which requires a professional lighting designer: When it comes to holiday lighting, smart switches are your best friends.
  • 5300c769af79e

    Samsung Down, Galaxy Note7 Out

    Shares of Samsung Electronics fell sharply on Tuesday after the company confirmed reports that it had halted production of its flagship Galaxy Note7 smartphone, just launched this summer.The CPSC will continue its active investigation into the reports of phones "overheating and burning in multiple states," said Chairman Elliot Kaye, who praised Samsung, along with retailers and carriers, for suspending Note7 sales and replacements.