Slashdot Mirror


Manufacturer's Backdoor Found On Popular Chinese Android Smartphone

Trailrunner7 writes that researchers at Palo Alto Networks have found a backdoor in Android devices sold by Coolpad. "A popular Android smartphone, sold primarily in China and Taiwan but also available worldwide, contains a backdoor from the manufacturer that is being used to push pop-up advertisements and install apps without users' consent. The Coolpad devices, however, are ripe for much more malicious abuse, researchers at Palo Alto Networks said today, especially after the discovery of a vulnerability in the backend management interface that exposed the backdoor's control system. Ryan Olson, intelligence director at Palo Alto, said the CoolReaper backdoor not only connects to a number of command and control servers, but is also capable of downloading, installing and activating any Android application without the user's permission. It also sends phony over-the-air updates to devices that instead install applications without notifying the user. The backdoor can also be used to dial phone numbers, send SMS and MMS messages, and upload device and usage information to Coolpad."

22 of 82 comments

  1. buy cheap ... by Anonymous Coward · · Score: 3, Insightful

    ... get what you pay for

  2. There is no backdoor. by Anonymous Coward · · Score: 5, Funny

    It's just lies and propaganda, there is no backdoor in Coolpads.

    [sent from my Coolpad]

    1. Re:There is no backdoor. by Anonymous Coward · · Score: 3, Funny

      I think you mean: [sent BY my Coolpad]

  3. No different than what we have here by Russ1642 · · Score: 4, Interesting

    Pretty sure that both the iOS and Android systems can do this out of the box, they just have chosen not to. There's also the old Kindle deleting 1984 incident.

    1. Re:No different than what we have here by ArcadeMan · · Score: 4, Informative

      As far as I know, Apple can disable software remotely for security reasons but iOS itself cannot install software without asking the user.

    2. Re:No different than what we have here by davidwr · · Score: 2, Interesting

      Apple can disable software remotely for security reasons but iOS itself cannot install software without asking the user.

      Unless Apple disables the software that prevents iOS from installing software without the user. This function would only be used for security reasons of course.

      --
      Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    3. Re:No different than what we have here by gnasher719 · · Score: 2

      Unless Apple disables the software that prevents iOS from installing software without the user. This function would only be used for security reasons of course.

      It all depends on your definition of "can". Apple could theoretically do _anything_ with your iOS device. Some things would be detectable, some wouldn't, some would be illegal, most would be pointless to do for Apple and would be damaging to business if found out, which is a very good reason not to do it.

      Apple _can_ install apps remotely without asking you, and it actually happens if you buy an app on one phone, and you have set up the other phone to automatically install purchased apps. Well, technically you asked for it, but nothing needs to appear on your iOS device at that moment to ask you. Quite obviously, Apple _can_ install software on your iPhone, because that's what they have to do when you purchase software. Being asked by you to do it is just a small detail. In reality, Apple doesn't install software without asking you.

      Apple _can_ remove software without asking you, and would probably do that to remove malware, if it decides that removing the malware without your explicit permission is better for the customer than not removing it. I don't think they have ever removed anything for that reason, and they haven't removed anything with copyright problems.

  4. Google Play Services by Tester · · Score: 3, Funny

    I thought they were describing Google Play Services, which I understand can do all of those things. Except, obviously, that Google is not evil..

  5. Disgusting! by fuzzyfuzzyfungus · · Score: 5, Funny

    It's repulsive the sort of tactics that commie chinamen will stoop to, putting backdoors into their products like that. Why, here in America, those are 'features' that you consent to by opening the package, as documented on page 46 of the EULA, as interpreted in mandatory binding arbitration by the company's legal team! It must suck to live in such a benighted, unfree, country, where your cellphone is probably spying on you and may well come preloaded with malware...

    1. Re:Disgusting! by ColdWetDog · · Score: 2

      USA! USA! USA!

      Besides, our Three Letter Agency knows more about us than your Three Letter Agency!

      How do you like them Apples?

      --
      Faster! Faster! Faster would be better!
    2. Re:Disgusting! by PRMan · · Score: 2

      How do you like them Apples and Androids?

      --
      Peter predicted that you would "deliberately forget" creation 2000 years ago...
  6. Re:The difference is that THERE is evidence by Russ1642 · · Score: 2

    There are a lot of phones set to auto-update. That's pretty much all there is to it at this point.

  7. Re: The difference is that THERE is evidence by Russ1642 · · Score: 2

    Apps are set to auto-update. App stores control those apps. If they want to replace Gmail with Big Brother v 1.0 they can do that in an instant.

  8. Verizon and AT&T scoff at "Amateur Hour" backd by Anonymous Coward · · Score: 2

    Harumph! Harumph! (I didn't get a Harumph from that guy.....Harumph!)
    Verizon and AT&T laugh at your puny "backdoor" and limited scope of abuse available through it.
    Why, they opened up their ENTIRE NETWORK to the NSA/CIA/DIA/FBI/any local podunk sheriffs office.
    USA! USA! USA!
    We are STILL Number One!

  9. Sounds like my Sony Blu-Ray player by fhage · · Score: 4, Interesting

    I have a Sony BDR-S3100 which grabs an IP address even when it's off. It also frequently updates itself without notification when off, leaving new movie trailers and unfamiliar and unwanted Apps in its menu. Each time it does this, (about every 2 weeks) I have to re-enter all my account login information. There's no way to disable these automatic updates. Sony CS has no solution. In addition, I've discovered when the user starts an App, like Netflix, the player first contacts Sony servers before actually running the app. When their servers are down, the player can't run the Netflix App.

    Devices now own us. I miss the days when I had control over my devices.

    1. Re:Sounds like my Sony Blu-Ray player by vux984 · · Score: 2

      Sony CS has no solution.

      Whereas I have 3:

      1) Return it and replace it with something better
      2) Firewall it so it can't access the internet over your router. When you actually need/want to update it, it's trivial to disable the rule for a few minutes.
      3) Disconnect it from the network. If it's wired this couldn't be simpler. If it's wireless it may be a little more tedious to forget and re-set up the wifi each time -- in which case maybe #2 above is the better solution.

      But really -- #1 is the correct solution.

    2. Re:Sounds like my Sony Blu-Ray player by almondo · · Score: 4, Funny

      I'd say sue Sony but their lawyers are a bit busy right now.

    3. Re:Sounds like my Sony Blu-Ray player by Gaygirlie · · Score: 3, Insightful

      Have you checked if it uses HTTP or HTTPS for its traffic? If it's just plain-old HTTP you could redirect the traffic to Sony's servers to a server of your own instead and always just reply with "everything is ok, no updates available, please continue." That's what I've done to several apps and appliances, thereby removing myself from their prying eyes and granting me access to things even when manufacturer's servers are unavailable.

    4. Re:Sounds like my Sony Blu-Ray player by vux984 · · Score: 2

      Yeah, the Netflix angle breaks things and really just highlights just how terrible a player it is.

      Expect a lot more of this with "Internet of Things".

      I for one am not interested in any of that crap.

  10. Sony Xperias cellphones have backdoors too by Anonymous Coward · · Score: 2, Insightful

    From RealVNC press release:
    "27th February 2012: RealVNC’s remote access technology has been integrated in Sony Mobile Communication’s Android based Xperia smartphones, enabling them to connect to vehicle infotainment systems so that drivers can access their smartphone applications safely from the dashboard display. The technology can also be used in customer support services by helpdesk agents to provide better support to Xperia users."

  11. Re:3-digit /. UID? by operagost · · Score: 2

    Modem? Luxury! In my day, we had to touch the phone line to our tongues to sense the voltage drops, then key the data in manually to our analog computers with a cat's whisker we yanked out of our oatmeal box radios!

    --

    Gamingmuseum.com: Give your 3D accelerator a rest.
  12. Re: The difference is that THERE is evidence by radish · · Score: 2

    What you're saying basically boils down to "in the end you have to trust the people who wrote the OS or built the device". Yes, yes you do. This article is an example of how one such group abused that trust. Of course Apple and Google could do the same, but absent any evidence that they have done so, saying they could is kind of redundant.

    --

    ---- One button is the power button, the other is the Bender voice button "Bite My Shiny Metal Ass"