Report: 700M Android Phones Contain Chinese Spyware

by John Lister on November, 16 2016 at 12:11PM EST

Some cheaply made Android phones are reportedly sending copies of text

messages to a Chinese source every 72 hours. The official explanation is

that international customers have unintentionally received handsets with a

"feature" designed for Chinese users.

A security firm named Kryptowire made the discovery. It found that hidden

software preinstalled in phones was contacting a Chinese server every three

days and passing on details including contacts lists and call logs. The

software also sent back daily updates with the full content of text messages

and location data. (Source: arstechnica.com

<http://arstechnica.com/security/2016/11/chinese-company-installed-secret-ba

ckdoor-on-hundreds-of-thousands-of-phones/> )

How many phones are affected is as yet unclear. One American company, BLU

Products, says it recently updated 120,000 phones to remove the code,

immediately after becoming aware of it. The Chinese company which wrote the

software, Adups, says its code is on around 700 million devices worldwide,

including phones and other Internet-connected devices including cars. The

code also made it possible to remotely search for messages containing

specific keywords.

Code Explained As Junk Text Detector

According to Adups, it was a mistake that the code ended up on US devices.

It says a Chinese manufacturer asked for the code as a quality control tool

to make it easier to track unwanted marketing text messages. (Source:

nytimes.com

<http://www.nytimes.com/2016/11/16/us/politics/china-phones-software-securit

y.html

Other than that, Adups isn't giving much detail and won't say which specific

handsets might still be affected. That's particularly problematic seeing as

Kryptowire says the code is extremely well hidden on the phones. It says the

only way it found out about the software was following a lengthy technical

analysis, which later revealed what was truly going on.

Chinese Connection Raises Eyebrows

The code is part of the firmware, which is software that operates the phone

itself rather than individual applications. Normally manufacturers reveal

when they make changes and update to this firmware, but that doesn't appear

to have been the case here.

While this incident is being explained away as a blunder, the fact that the

data is going to China may arouse some concerns. While Adups says it has no

affiliation with the Chinese government, it would hardly be shocking to

discover officials in the country are trying to get hold of communications

data about Chinese citizens, or indeed foreign users.