+4 votes
Manufacturers can access, view and sell personal data on your cell phone (eg SMS, calls, contacts)?

in Applications by (405k points)
reopened | 18 views

1 Answer

+5 votes
Best answer

The cell phone brands that carried AdUps spyware
Archos and other NON-Chinese brands were also affected

It was the cause for which BLU was sued and it is not the only brand. For the same reason, security firm Trustlook found that 42 other cell phone brands, including several well-known such as Lenovo , ZTE , Hisense , Mediatek Helio and Gionee , carried the same spyware that Bold Like Us was sued for. Such spyware collected the private data of users, such as the content of SMS, their contacts or call logs and sent them to servers in China ..

All this revolved around the Chinese company Shanghai AdUps Technologies . It was the one that manufactured the software for those mobile brands. A component of this software, which was in charge of updating the Android system over the Internet (OTA Update), is the one that carried out this work of obtaining user data and sending it to AdUps computers in China, for "advertising purposes." . This update application performed this collection and shipping process every 72 hours automatically. Additionally, this software had a backdoor or "backdoor" through which this company, or any person or entity , could have remote access to those affected computers.


The cell phone brands that carried AdUps spyware

Aaron Electronics
Aeon Mobile
All Win Tech
Amoi Technology
Coship Mobile
DEWAV Communication Group
DEXP Digital Experience
Eastaeon Technology
Electronic Technology Co.
Inventec Corporation
Konka Group Co
Malata Mobile
Mediatek Helio
RDA Micro
Water World Technology Co.
Wind Communication
Yifang Digital
Zhuhai Quanzhi

In addition to users' personal data, such as SMS, contacts, and call logs, the software was found to extract other technical data from the devices, such as IMEI, MAC address, and Android version..

Archos and other NON-Chinese brands were also affected

When the BLU company was accused that its devices carry this spyware, it replied that it "had not authorized" AdUps to configure its software with this functionality (I put it in quotes, because BLU had already said that it "did not know" about the backdoor and rootkit found by Bitsight on a previous occasion). AdUps apparently ignored this requirement and stated that it had been implemented by accident , as it was only intended for the Chinese market. This would explain why there were several Chinese brands involved here. But the strange thing is that this software had not only been found in devices of that origin. It was also in the French brand Archos, DEXP Communication Group from Russia and Prestige from the Czech Republic.

After BLU was reported , it took action on the matter and announced the removal of this "bad" component of the software. Instead, I would use the OTA app offered by Google. I send a patch to block the functionality in the 120 thousand affected devices. In the case of ZTE, it was indicated that AdUps is not used in the ZTE Axon 7 device or in any equipment that is shipped to the United States. Huawei also confirmed that it has nothing to do with AdUps. Xiaomi is not listed, but that does not mean it does not have spyware ..

Regardless of the measures that each manufacturer has taken on this particular situation, nothing guarantees that it will be repeated in the future without users knowing. The Android AdsUp component or app can be easily renamed , for example. This could be the case until another security company detects the problem, disguised in another way. It is the indefinite game of cat and mouse. In 2021 , this type of problem continues to be seen from the manufacturer, even in countries like the United States.

Can you report the manufacturer for spying on your personal information on your cell phone?

BLU, Doogee, Leagoo and "small" brands come with viruses?

Can a NEW cell phone come with viruses?

by (2.5m points)
7,775 questions
7,875 answers
2 users