Some Budget Phones in the US Still Sending Personal Data Back to China, Says Kryptowire
Despite last year's revelation where some smartphones being sold in the US were found laced with a software that could send private data to servers in China, it seems as though nothing was learnt from the mistake. According to a recent study, it seems the group behind last year's privacy-invading software is still active and continues to send personal data to China, only more discreetly than before.
Shanghai Adups Technology, a firm based in China, was caught last year in November for having added a backdoor to the firmware of cheap smartphones like the Blu R1 HD sold in the US. The firmware was found to be sending personally identifiable information (PII) to servers in China via a back door. At the time, the Shanghai-based firm said it had mistakenly used code for China-based software in these firmware.
Researchers at Kryptowire discovered this back then and at the Black Hat security conference in Las Vegas on Wednesday, the security firm once again revealed that Adups' software is still sending data from the Blu Grand M smartphone to the company's server in china, CNET reports. This was discovered by Ryan Johnson, a research engineer and co-founder at Kryptowire in May, almost six months after Shanghai Adups Technology confessed it was a mistake.
"They replaced them with nicer versions," Johnson said. "I have captured the network traffic of them using the command and control channel when they did it." Following this reveal, a Adups spokeswoman said the company had resolved the issues last year and that the firmware "are not existing anymore."
Apart from the Blu smartphone, Johnson also found the firmware on the Cubot X16S. These cheap Chinese phones sent data that included a list of apps installed, the apps used, IMEI numbers, call logs, browser history, and more to China. In fact, Adups claimed last year that its software is present in over than 700 million devices in 200 countries, mostly targeting low cost phones.
Cases of spyware, malware, and ransomware have been growing in recent times. The Black Hat security conference comes following recent cyber-attacks like WannaCry and Petya ransomware. There have also been reports recently of Android-based malware like SpyDealer and LeakerLocker. All of these cases have raised an alarming concern over the safety of personal information over the digital space.
These cases also point out some serious vulnerabilities with the Android platform. Kryptowire said last year that it examined 20 pieces of firmware from low-end Android devices, all of which seemed to have vulnerabilities that could allow spyware apps. Notably, all of these devices also had a particular MediaTek chipset. The chipset comes with a pre-installed app called MTKLogger, which allowed for data surveillance of browser history and GPS, to name a few. While MediaTek claims to have resolved the issue, the security firm found the vulnerability still present till last week on the Blu Advance 5.0.
0 comments:
Post a Comment