Chinese Collect User Data from random Android Phones secretly: Security Firm

By siliconindia | Friday, 18 November 2016, 05:54 Hrs

BENGALURU: Virginia-based security firm Kryptowire recently reported that there are few Android devices from a Chinese company that are infected with software that collects users’ personal information and conversation made through text messages and calls, and later sends that data to China without users consent.. According to Kryptowire, mobile enterprise security offers mobile security services to government agencies and private businesses.

Kryptowire reported that it had discovered the issue in manifold Android phones leveraging firmware from the Shanghai based Chinese company, ADUPS Technology. Furthermore, it was observed that personal information of users was automatically sent to Adups every 72 hours.

According to Kryptowire, Adups’ technology is installed in more than 700 million devices across the globe. BLU products, which work with Adups’ technology reports that more than 120,000 BLU smartphones had the software deeply embedded in the device. It was learnt later that the numbers called and received, contact lists and full text messages were being transmitted back to the server for unclear purposes. Furthermore, the software has the potential to execute remote commands and reprogram the smartphones from a remote location.

In a statement Kryptowire says “The firmware could target particular users and text messages matching remotely defined keywords”. Mobile device makers could collect more personal information from a person’s phone or other devices; this means the device makers can spy on any person whenever they want. In response to this Shanghai ADUPS asserted the firmware had been designed to help screen out junk texts and calls. It was due to the automatic update that installed this feature unintentionally on BLU Product phones and has been disabled after objections from BLU.