Researchers discover that Certain Cheap Android Phones are Sending User's Personal Data to a Firm in Shanghai
In 2014 Cisco's Annual Security Report revealed that 99% of all malware targeted Android devices as is noted in their graphic presented below. In 2014, Apple's CEO pounded that point home during his World Wide Developer Conference as noted in a secondary graphic below. During that keynote Cook quoted ZNet's famous line that "Android fragmentation is turning devices into a toxic hellstew of vulnerabilities." In May of this year Patently Apple reported that the FCC was going to investigate Android's problems followed by a report over the summer noting that malware and ransomware are still huge problems for Android users. Today we're learning that there's a new disturbing development regarding Android that should concern certain Android fans.
It's being reported today that "owners of cheap smartphones could have been the victims of an unprecedented privacy intrusion after security researchers found that some low-cost Android devices have been regularly sending personal information, including the contents of messages and location, to China.
One of the most extensive backdoors found in a device to date, the software that comes installed on several models of Android phones has been allowing the smartphones to collect the sensitive information from users and send it to a Chinese company without the owner knowing.
The problem affects a number of phones that cost around US$65 and are for sale at major retailers, including Amazon and BestBuy in the US, according to the researchers at US based Kryptowire, the mobile phone security company that discovered the privacy issue. The software in question is installed on phones made by Huawei, Blu Products and ZTE. All three manufacturers sell phones in the UK, although it is unclear how widespread the software is used.
According to Kryptowire, "These devices actively transmitted user and device information including the full-body of text messages, contact lists, call history with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI). The firmware could target specific users and text messages matching remotely defined keywords. The firmware also collected and transmitted information about the use of applications installed on the monitored device, bypassed the Android permission model, executed remote commands with escalated (system) privileges, and was able to remotely reprogram the devices.
The firmware that shipped with the mobile devices and subsequent updates allowed for the remote installation of applications without the users' consent and, in some versions of the software, the transmission of fine-grained device location information. The core of the monitoring activities took place using a commercial Firmware Over The Air (FOTA) update software system that was shipped with the Android devices we tested and were managed by a company named Shanghai Adups Technology Co. Ltd.
Our findings are based on both code and network analysis of the firmware. The user and device information was collected automatically and transmitted periodically without the users' consent or knowledge. The collected information was encrypted with multiple layers of encryption and then transmitted over secure web protocols to a server located in Shanghai. This software and behavior bypasses the detection of mobile anti-virus tools because they assume that software that ships with the device is not malware and thus, it is white-listed.
In September 2016, Adups claimed on its web site to have a world-wide presence with over 700 million active users, and a market share exceeding 70% across over 150 countries and regions with offices in Shanghai, Shenzhen, Beijing, Tokyo, New Delhi, and Miami. The Adups web site also stated that it produces firmware that is integrated in more than 400 leading mobile operators, semiconductor vendors, and device manufacturers spanning from wearable and mobile devices to cars and televisions.
Over and over again Apple's CEO continues to inform us that the numbers of Android switchers to the iPhone is ever growing. From Apple's Financial Conference Call's Opening Statement from CEO Tim Cook we learned that "iPhone sales were up year over year in 33 of our top 40 markets. As you know, iPhone customers are the most satisfied and loyal customers in the world and fiscal 2016 saw more customers switch from Android to iPhone than ever before.
Last Quarter Cook noted that "Overall, we added millions of first time smartphone buyers in the June quarter and switchers accounted for the highest percentage of quarterly iPhone sales we've ever measured. In absolute terms, our year-to-date iPhone sales to switchers are the greatest than we've ever seen in any nine month period and our active installed base of iPhones is up strong double digits year over year."
It's becoming clearer as to why so many Android fans are switching to Apples iPhone. Once someone has become a victim of ransomware or malware and now personal data theft, do you think they'll ever trust anything Android based again?
When you think of possibly losing your important personal data to criminal elements overseas, is that "cheap" Android phone really cheap? It's like the Razor/Razor Blade business model. Sell a device at a loss if need be in order to get a customer's long term repeat business – be if for blades, video games or customer data. In this case it's about giving away the phone at a ridiculously low price knowing full well that they'll make their real profit in selling a user's personal data to the highest bidder.
Android OS: What a nightmare.
About Making Comments on our Site: Patently Apple reserves the right to post, dismiss or edit any comments. Those using abusive language or behavior will result in being blacklisted on Disqus.