Backdoor in some cheap Android phones sent personal data to China
If you've used certain kinds of disposable or prepaid Android phone, your device may have been unknowingly transmitting personal data and usage information to a Chinese server, according to a new report released by security contractors at Kryptowire.
As reported by the New York Times, code written by Shanghai Adups Technology Company was preinstalled on some Android phones and used to monitor where users go and record communication data including call logs and text messages.
From the article:
Making things all the more troubling was the fact that this was no bug in the code, but instead an intentional effort by Adups to "help a Chinese phone manufacturer monitor user behavior" via device firmware. This information comes from a document Adups provided to executives from BLU, a U.S-based manufacturer of budget Android devices. According to BLU CEO Samuel Ohev-Zion, the company was unaware of the backdoor, but says that BLU moved quickly to correct it and has been assured by Adups that all information taken from Blue customers has been destroyed:
Adups writes software code for phones, cars and other IoT devices, boasting on their website that they have 700 million active users across over 200 countries and regions. BLU told the NYT that 120,000 of its phones had been effected. The full scope and scale of this discovery still unclear at this time.
Android Central reached out to BLU for comment, but had not received a response as of press time.
Get the top Black Friday deals right in your inbox: Sign up now!
Receive the hottest deals and product recommendations alongside the biggest tech news from the Android Central team straight to your inbox!
Marc Lagace was an Apps and Games Editor at Android Central between 2016 and 2020. You can reach out to him on Twitter [@spacelagace.