Chinese Company Admits It Planted Spyware In Android Phones

Posted: Nov 17 2016, 2:27am CST | by , in News | Technology News

 

Chinese Company Admits it Planted Spyware in Android Phones
 

A Chinese company has admitted that it planted a spyware in some Android mobile phones that sent back to China information about the users and text messages.

The admission came after the program was exposed by a US cyber security firm.

Although the company, Shanghai Adups Technology, asserted that the "text messages, contacts or phone logs" it collected were not shared with anyone else, it has raised security and privacy concerns about the use of spyware and the potential for the information collected to fall into the hands of the government or others. Several mobile phone brands are manufactured in China.

Kryptowire exposed the spyware on Tuesday, saying that it had found it hidden in the firmware that came installed by the manufacturer on some phones it had examined.

It said that the program transmitted the information it collected from mobile phones to computers in Shanghai.

Firmware is the program that comes pre-installed and controls actions like updating the operating system or other program.

"The firmware that shipped with the mobile devices and subsequent updates allowed for the remote installation of applications without the users' consent," Kryptowire said.

It dodged anti-virus software because it was assumed that programs shipped pre-installed on phones and considered integral to them were clean, it added.

Kryptowire identified Blu brand's R1 HD phone as one of the models infected with the program.

Amazon has stopped selling the BlU R1 HD on amazon.com.

The manufacturer of Blu said on its web site that it has "identified and has quickly removed a recent security issue caused by a third party application which had been collecting unauthorized personal data in the form of text messages, call logs, and contacts from customers.

"The firmware on its phones was automatically updated to remove it and verified to be no longer collecting or sending this information," Blu said.

In addition to R1 HD, Blu said the affected models were Energy X Plus 2, Studio Touch, Advance 4.0 L2, Neo XL and Energy Diamond.

The program is of the category known as Firmware Over the Air (FOTA), which come pre-installed in computers and are meant, among other things, to keep the phones automatically updated.

Adplus, which claims to have over 700 million active users in more than 200 countries or regions, said that the program to collect and send the information was "inadvertently" included in the firmware.

The company said it had come up with the program to help "screen out junk texts and calls from advertisers" by analyzing the information collected about them from phones "in order to improve mobile phone experience." 

This story may contain affiliate links.

Comments

The Author

<a href="/latest_stories/all/all/59" rel="author">IANS</a>
The Indo-Asian News Service (IANS) was established in 1986, initially to serve as an information bridge between India and its thriving Diaspora in North America. Now IANS is a full-fledged wire agency, putting out news 24x7 from around the world.

 

 

Advertisement

comments powered by Disqus