120K BLU Phones Affected by Security Breach, Texts and Call Logs Harvested

...

BLU, a massive seller of unlocked smartphones based here in the US (Florida, to be exact), announced this morning that it encountered a large security threat for a number of its users. In total, the company claims that the threat associated with a “Wireless Update” 3rd-party application affects about 120,000 devices. 

To sum up what was taking place, the application, which is intended to be used to update the OS on devices, was harvesting text messages, call logs, and contacts. As of right now, BLU states that the app has been “self-updated,” and the harvesting function has been terminated. Furthermore, and a bit on the scary side, the security firm that discovered this vulnerability, Kryptowire, claims that all of this harvested information was being sent over to a Chinese server.

The process of checking to see if your BLU phone is affected is quite simple. Settings > Apps > Show System > Wireless Update. If your version of Wireless Update is from 5.0.x to 5.3.x, contact BLU immediately. If your version doesn’t fall into that category, you are fine, according to BLU.

Below is a list of affected models.

Here is the message that BLU posted to its website.

BLU Products has identified and has quickly removed a recent security issue caused by a 3rd party application which had been collecting unauthorized personal data in the form of text messages, call logs, and contacts from customers using a limited number of BLU mobile devices.

Our customer’s privacy and security are of the upmost importance and priority.

The affected application has since been self-updated and the functionality verified to be no longer collecting or sending this information.

If you have any concerns or questions in regards to your BLU Smartphone, feel free to contact us directly at www.bluproducts.com/service, call us at 1-877-602-8762, or email us at [email protected].

As I mentioned, this app is used to update a smartphone’s OS, but due to this threat, BLU states it is now working with Google to utilize Google’s own OTA procedure and servers for future devices.

Categories
E-COMMERCE
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    Talk Metadata To Me: How to Decode Your Network's Deepest and Darkest Secrets

    Download This paper explains what rich, historical metadata is, how you get it and how the insights and analytics it enables can materially transform the way you detect and investigate critical security threats.Drawing from our firsthand experience, we provide case studies on how organizations are analyzing metadata and using the resulting intelligence to find and stop attacks that they never would have been able to discover otherwise.
  • 5300c769af79e

    Twitter Purges Alt-Right Accounts

    In a video titled Knight of Long Knives (a reference to the 1934 mass murder of Nazi leaders by Adolf Hitler), Spencer calls Twitter's move "corporate Stalinism.But the company told USA Today that "Twitter Rules prohibit targeted abuse and harassment, and we will suspend accounts that violate this policy.
  • 5300c769af79e

    Unicorn Herd Threatens Silicon Valley, Warns VC

    The age of Unicorn investing has led to alarming overvaluations of startups that could result in an afterparty roll call not seen since 1999, Silicon Valley VC Bill Gurley warned Thursday.However there's no Unicorn index to buy, and most investors' participation is keyed to specific company performances, he pointed out.
  • 5300c769af79e

    aTube Catcher APK for Android | Download Apps For Free

    The videos you download through aTube Catcher apk can be later edited, modified, shared and viewed without the necessity of being online to do so.Sure there are other apps that can do similar to what aTube Catcher does, but that still does not take away the fact that aTube Catcher is a pretty awesome app.