Report: Android Firmware Sent Personal Data to China

...

A number of budget Android smartphones are suspected of sending text messages to China every 72 hours.

Security firm Kryptowire, which first reported the secret backdoor on Tuesday, blamed a firmware developed by Shanghai Adups Technology Company.

The majority of monitoring activities used Adups' Firmware Over The Air (FOTA) update system, developed in response to user demand to screen out junk texts and calls from advertisers.

"Since its founding, Adups FOTA has taken customer and user privacy very seriously," the organization said in a statement published Wednesday.

But the software, according to Kryptowire, transmits sensitive personal data without disclosure or user consent.

Tech Radar released a list of affected models from Miami-based mobile manufacturer Blu. Owners of the R1 HD, Energy X Plus 2, Studio Touch, Advance 4.0 L2, Neo XL, or Energy Diamond are encouraged to check their phone by navigating to Settings > Apps > Menu > Show System > Wireless Update. If it is running 5.4.0.3.004, you're in the clear, Tech Radar said. If it reads 5.0.x to 5.3.x, however, you should contact Blu immediately.

It remains unclear how many of the handsets were sold in the US.

These devices relay information like text messages, contact lists, call history (with full telephone numbers), and unique device identifiers, Kryptowire explained. The firmware also collected details about the use of installed applications, and is able to remotely program the gadget.

Shanghai Adups, however, claims this is all a misunderstanding; a simple mistake that has since been rectified.

"In June 2016, some Blu Product, Inc. devices applied a version of the Adups FOTA application that inadvertently included the functionality of flagging junk texts and calls," the company statement said. "When Blu raised objections, Adups took immediate measures to disable that functionality on Blu phones."

It also confirmed that no information—text messages, contacts, phone logs—was disclosed, and any data received from a Blu phone during that period was deleted.

"Also, Adups has been working to further improve the privacy protections in its products. Adups sincerely apologizes to its partners and users," it continued. "We will enhance process management and work to improve transparency, and deliver high-quality products and best service to provide the best possible data security for all our customers."

Neither Google nor Blu immediately responded to PCMag's request for comment.

ZTE, meanwhile, maintains that none of its US devices "have ever had the Adups software installed on them, and will not," the mobile manufacturer told Android Headlines.

Categories
GAMES
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    Blizzard Hearthstone: Heroes of Warcraft (for iPad)

    But on a recent Saturday morning, I played six hours of Blizzard Hearthstone: Heroes of Warcraft, and I have absolutely no regrets.Compare Similar ProductsCompare D&D Lords of Waterdeep (for iPad) %displayPrice% Pocket Mortys (for iPad) %displayPrice% Forbidden Island (for iPad) %displayPrice% Octodad: Dadliest Catch (for iPad) %displayPrice% Lara Croft GO (for iPad) %displayPrice% Pac-Man 256 (for iPad) %displayPrice% Spider: Rite of the Shrouded Moon (for iPad) %displayPrice% Race the Sun (for iPad) %displayPrice% Her Story (for iPad) %displayPrice% Transistor (for iPad) %displayPrice% You Meet at an Inn.
  • 5300c769af79e

    Samsung Galaxy S7 Active (AT&T)

    The Samsung Galaxy S7 Active isn't just a Galaxy S7 in rugged clothing.Compare Similar ProductsCompare Samsung Galaxy S7 (Verizon Wireless) %displayPrice% Samsung Galaxy S7 Edge (Verizon Wireless) %displayPrice% Sonim XP7 (Unlocked) %displayPrice% Sonim XP6 (AT&T) %displayPrice% Kyocera DuraForce XD (AT&T) %displayPrice% Caterpillar Cat S40 (Unlocked) %displayPrice% Samsung Galaxy S7 Edge (Verizon Wireless) %displayPrice% Kyocera DuraForce (AT&T) %displayPrice% Design and FeaturesWhen it comes to rugged phones, you need to be prepared to make a bit of a compromise in the design department.
  • 5300c769af79e

    Miercom Report on Behavioral Detection of Threats and Data Loss

    Download The iboss Platform was tested at Miercom Labs for efficacy in behavioral data loss prevention and earned the Miercom Certified Secure designation.The test found that iboss' exclusive behavioral approaches were able to detect more active and complex threats that normally go undetected, and stopped the extraction of sensitive data like credit cards and phone numbers.
  • 5300c769af79e

    Weekly Rewind: Festival tents, Super Mario in real life, losing a Princess

    From fake news to the burning Note 7, the 10 worst tech failures of 2016 This year has also been an eventful year in tech.This video shows what Super Mario Run would look like in person As the fastest-growing app of all-time, it’s no surprise that fans have taken their enthusiasm for Super Mario Run to the streets — quite literally in the case of YouTuber Devin Super Tramp.