Secret Backdoor in Some US Phones Sent Data To China

Security contractors have warned that many Android smartphones ship with preinstalled software that has a backdoor that sends all your text messages to China every 72 hours. (Editor's note: the link could be paywalled; here's the press release.) The New York Times reported Tuesday that "the American authorities say it is not clear whether this represents secretive data mining for advertising purposes or a Chinese government effort to collect intelligence." From the report: International customers and users of disposable or prepaid phones are the people most affected by the software. But the scope is unclear. The Chinese company that wrote the software, Shanghai Adups Technology Company, says its code runs on more than 700 million phones, cars and other smart devices. One American phone manufacturer, BLU Products, said that 120,000 of its phones had been affected and that it had updated the software to eliminate the feature. Kryptowire, the security firm that discovered the vulnerability, said the Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server. The code comes preinstalled on phones and the surveillance is not disclosed to users, said Tom Karygiannis, a vice president of Kryptowire, which is based in Fairfax, Va. "Even if you wanted to, you wouldn't have known about it," he said.

Ads or government collection

[Calydor]

Why not both?

Is there some magical thing that says if something is collecting for advertisement purposes it can't be shared with intelligence agencies?

Re: Another Day, Another Android Exploit

This has nothing to do with Android... it's not a bug. This is preinstalled malware on Chinese phones.

Stop drinking the koolaid.

Thanks Google

[110010001000]

This is on Google. They need to get a grip on Android.