Technology and gaming content trusted in North America and globally since 1999
8,587 Reviews & Articles | 67,031 News Posts

Chinese company busted adding backdoor to US smartphones

Several models of Android smartphones include backdoor that sends your information back to China

By Anthony Garreffa on Nov 16, 2016 at 02:37 am CST - 2 mins, 18 secs reading time

Well now... security researchers have discovered many models of Android smartphones that feature a secret backdoor that is sending all of your data to servers in China.

Chinese company busted adding backdoor to US smartphones |

The authorities aren't 100% clear on whether this is another attempt at mining data for advertising purposes, or if the Chinese government is scooping up as much information for its own intelligence or not. But never fear, security firm Kryptowire discovered multiple models of smartphones that had firmware that collected "sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users' consent".

A company named Shanghai Adups Technology Co Ltd used a pre-installed firmware over-the-air (OTA) update that was monitoring these devices without detection. Adups was able to secure the users' location, who they talk to, contact lists, and the content of text messages, as well as countless amounts of personal data. The International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI) were also part of the data that Adups was taking, which was being sent every 72 hours.

Kryptowire said: "The firmware also collected and transmitted information about the use of applications installed on the monitored device, bypassed the Android permission model, executed remote commands with escalated (system) privileges, and was able to remotely reprogram the devices".

Even after multiple layers of encryption, the data was still being sent to Adups, but how did they get around anti-virus tools? This is because the backdoor software was pre-installed with teh device, so anti-virus software would assume that the software shipped with the device and it was okay, and that it wasn't malware - even though it was.

This isn't just a mistake, as Adups intentially designed the backdoor software to help an unnamed Chinese smartphone manufacturer to monitor user behavior, Adups explained to BLU executives. BLU is an American phone manufacturer, which discovered that over 120,000 of its smartphones had the backdoor software pre-installed - but they've since updated the software, removing the feature.

Lily Lim, a lawyer representing Adups said: "This is a private company that made a mistake". Uh... how is it a "mistake"? Leaving the milk out after preparing your cereal, that's a mistake. Writing the wrong word on your spelling test, that's a mistake. Saying that console gaming is superior to PC gaming, another mistake - but intentionally baking in spying software into devices, is far from a mistake.

Lim added that Adups wasn't in cahoots with the chinese government, assuring that all of the information that it collected from BLU customers had been destroyed. Sure. Sure it was.

Last updated: Sep 1, 2017 at 05:18 am CDT

Anthony Garreffa

ABOUT THE AUTHOR - Anthony Garreffa

Anthony is a long time PC enthusiast with a passion of hate for games to be built around consoles. With FPS gaming since the pre-Quake days, where you were insulted if you used a mouse to aim, he has been addicted to gaming and hardware ever since. Working in IT retail for 10 years gave him great experience with high-end, custom-built PCs. His addiction to GPU technology is unwavering, and with next-gen NVIDIA GPUs about to launch alongside 4K 144Hz HDR G-Sync gaming monitors and BFGDs (65-inch 4K 120Hz HDR G-Sync TVs) there has never been a time to be more excited about technology.


Related Tags