Well now... security researchers have discovered many models of Android smartphones that feature a secret backdoor that is sending all of your data to servers in China.
The authorities aren't 100% clear on whether this is another attempt at mining data for advertising purposes, or if the Chinese government is scooping up as much information for its own intelligence or not. But never fear, security firm Kryptowire discovered multiple models of smartphones that had firmware that collected "sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users' consent".
A company named Shanghai Adups Technology Co Ltd used a pre-installed firmware over-the-air (OTA) update that was monitoring these devices without detection. Adups was able to secure the users' location, who they talk to, contact lists, and the content of text messages, as well as countless amounts of personal data. The International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI) were also part of the data that Adups was taking, which was being sent every 72 hours.
Kryptowire said: "The firmware also collected and transmitted information about the use of applications installed on the monitored device, bypassed the Android permission model, executed remote commands with escalated (system) privileges, and was able to remotely reprogram the devices".
Even after multiple layers of encryption, the data was still being sent to Adups, but how did they get around anti-virus tools? This is because the backdoor software was pre-installed with teh device, so anti-virus software would assume that the software shipped with the device and it was okay, and that it wasn't malware - even though it was.
This isn't just a mistake, as Adups intentially designed the backdoor software to help an unnamed Chinese smartphone manufacturer to monitor user behavior, Adups explained to BLU executives. BLU is an American phone manufacturer, which discovered that over 120,000 of its smartphones had the backdoor software pre-installed - but they've since updated the software, removing the feature.
Lily Lim, a lawyer representing Adups said: "This is a private company that made a mistake". Uh... how is it a "mistake"? Leaving the milk out after preparing your cereal, that's a mistake. Writing the wrong word on your spelling test, that's a mistake. Saying that console gaming is superior to PC gaming, another mistake - but intentionally baking in spying software into devices, is far from a mistake.
Lim added that Adups wasn't in cahoots with the chinese government, assuring that all of the information that it collected from BLU customers had been destroyed. Sure. Sure it was.
NVIDIA CEO writes hand-written note to SK hynix boss on 'future of AI and humanity together'
NVIDIA CEO Jensen Huang hand delivers the first DGX H200 AI GPU to Open AI's Sam Altman
ASUS ROG Ally now supports AMD's driver-based Fluid Motion Frames frame gen
TikTok is more likely to completely shut down in the US than not
Nintendo forces Garry's Mod creator to go through and delete 20 years of Steam Workshop mods
ACEMAGIC AD08 "Core i9 11900H" Mini PC Review
Lenovo ThinkPad X1 Carbon Gen 12 Review
ASUS ROG Swift Pro PG248QP Gaming Monitor Review - Frames, frames, and more frames
FlexiSpot C7B-Mesh Ergonomic Office Chair Review
Samsung G8 34-inch QD-OLED Gaming Monitor Review - 175Hz for $900
ASRock NUCBOX-155H Mini PC Review
NuPhy Air96 V2 Wireless Mechanical Keyboard Review
TEAM T-FORCE Siren DUO360 RGB Liquid CPU Cooler Review
AVerMedia Live Streamer ULTRA HD Review
AVerMedia Live Gamer 4K 2.1 Review
Building the Ultimate Home Entertainment Server with an ASUSTOR NAS and Viper Gaming NVMe SSDs
Everything you need to know about the latest ASUS NUC Mini PCs - NUC 14 Pro and ROG NUC
How to Overclock Your GPU and Boost Your PC Gaming with ASUS GPU Tweak III
ASUS's AMD Radeon RX 7000 Series GPU lineup has something for every gamer
ASUS OLED Premium Care defends the ROG Swift OLED PG32UCDM gaming monitor from burn-in