An american sikkerhetsforsker got a surprise when the text message on the brand-new phone of his was sent to servers in China.
Then revealed he concealed a hidden backdoor, which should be pre-installed on several Android-based smartmobiler, which among other things is sold via online stores such as Amazon and BestBuy.
Shanghai-based Adups Technology Company is behind the software. The chinese company provide that the code is installed on over 700 million phones, cars and other devices, writes the New York Times.
the U.s. government says it is uncertain whether this represents the targeted espionage from China, or whether the software can be installed in the hole to support the advertising purposes.
user Action, call logs, location data, IMSI and the IMEI code and the phone’s contact list is something that is transmitted in the hidden.
According to a report sikkerhetsfirmaet Kryptowire published yesterday – it is they who made the discovery – this happens with regular intervals of between 24 and 72 hours.
In the announcement is, among other things, accounted for the involved servers, IP addresses, how the monitoring takes place purely technical, as well as the name of the system applications that are hidden on the affected Android phones.
Full control
In addition, the affected devices a firmware that gathers and transmits info about the use of apps on the monitored phones.
Besides, to circumvent the rettighetsmodellen on Android can firmware be used to remotely control the device as well as install new applications, without the user’s knowledge, says Kryptowire.
– Helped a chinese mobilprodusent
So far, the code is detected on affordable mobile phones, including the 120,000 Android devices from the for us rather unknown american phone manufacturer BLU Products.
This is no code error. Instead Adups acknowledged that they consciously developed the software in order to help an unnamed chinese mobilprodusent to monitor user activity. This version of the software was not intended for us phones, says the company, according to the New York Times.
It is not published any list of what other manufacturers or mobiltelefonmodeller that can be affected.
the New York Times shows, however, that Adups even state that they have the chinese ZTE and Huawei, two of the world’s largest mobile phone manufacturers, on their list.
– Ignored warnings
Other security researchers site Motherboard have talked with, claim that they for a long time have tried to confront Adups, as well as warn the suppliers that have sold products with rear door, without success.
A spokesperson for Amazon says that they chose to remove the affected products from its range, but that these will later be available for sale again, because BLU Products now should have sent out an update that corrects the problem.
No comments:
Post a Comment