Skip to main content

Backdoor in some cheap Android phones sent personal data to China

If you've used certain kinds of disposable or prepaid Android phone, your device may have been unknowingly transmitting personal data and usage information to a Chinese server, according to a new report released by security contractors at Kryptowire.

As reported by the New York Times, code written by Shanghai Adups Technology Company was preinstalled on some Android phones and used to monitor where users go and record communication data including call logs and text messages.

From the article:

Kryptowire, the security firm that discovered the vulnerability, said the Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server. The code comes preinstalled on phones and the surveillance is not disclosed to users, said Tom Karygiannis, a vice president of Kryptowire, which is based in Fairfax, Va. "Even if you wanted to, you wouldn't have known about it," he said.

Making things all the more troubling was the fact that this was no bug in the code, but instead an intentional effort by Adups to "help a Chinese phone manufacturer monitor user behavior" via device firmware. This information comes from a document Adups provided to executives from BLU, a U.S-based manufacturer of budget Android devices. According to BLU CEO Samuel Ohev-Zion, the company was unaware of the backdoor, but says that BLU moved quickly to correct it and has been assured by Adups that all information taken from Blue customers has been destroyed:

Mr. Ohev-Zion, the BLU chief executive, said he was confident that the problem had been resolved for his customers. "Today there is no BLU device that is collecting that information," he said.

Adups writes software code for phones, cars and other IoT devices, boasting on their website that they have 700 million active users across over 200 countries and regions. BLU told the NYT that 120,000 of its phones had been effected. The full scope and scale of this discovery still unclear at this time.

Android Central reached out to BLU for comment, but had not received a response as of press time.

Marc Lagace was an Apps and Games Editor at Android Central between 2016 and 2020. You can reach out to him on Twitter [@spacelagace.

  • Oh lawd.......
  • Wild -- but not surprising. I suppose the tin foil folks will claim the NSA is behind it. I wonder how long before narcissist Edward Snowden pops up exclaiming, "Told you so..."
  • Not fast enough
  • Could you elaborate on your statement that Snowden is a narcissist?
  • I guess anyone who reveals the truth which undermines powers-to-be is a narcissist. You know all those terrible whistle blowers and journalists who were willing to risk everything they had, just to have 5 min of glory. We should totally stop them and no better way to do it than mock them first.
  • They help us by telling us stuff that the NSA won't tell us like how they are surveillance all of US
  • You know that udazavlanje was being facetious, right?
  • Lol, this one doesn't want to accept reality and want to be blinded with comforting lies eh...
  • from behind the iron curtain no less
  • One more notch for Apple, who will likely (and appropriately) use this to remind users they take care of even their "most affordable" devices being secure, private, etc. etc...
  • Don't kid yourself. If one doesn't think China made some sort of deal with Apple for a back door one is nuts. Perhaps the deal isn't with Apple but with the Chinese carriers, but no way the Chinese government is gonna permit all those Iphones to be sold without some sort of monitoring.
  • In China buddy. In China.
  • "If one doesn't think China made some sort of deal with Apple for a back door one is nuts." And the one spouting conspiracy theories isn't nuts? Alright, then...
  • Apple didn't care much about users data, when sold the default search engine spot to Google for a Billion dollars.
    But yeah, they can keep bs their fans with no shame for sure
  • "and has been assured by Adups that all information taken from Blue customers has been destroyed" Well, as long as Adups have given their assurance. It's not like we have any evidence that they can't be trusted or anything... And because someone will somehow miss it, /s
  • Doesn't surprise me it's more then likely been going on for a long time probably not just in phones what did you think was going to happen when you move all manufacturing to a communist country.
  • ^This times 1000!! Those manufacturers are the ones who put the software on the device. They have an opportunity to place malicious code on any and nearly every device. Including iPhones.
  • Not that I'm a fan of it, but what exactly does this have to do with communism? It's shady businesses being shady businesses. The political regime of the country they're doing it in are pretty much irrelevant... In fact, you might not like it, but this was more than likely motivated by capitalism, not communism.
  • So you do not think the Chinese government had anything to do with this? At all? Come on now.
  • Oh they certainly could have, and it wouldn't surprise me if they did. But on the other side of the coin, would it surprise you if it was just done for profit?
  • Good point.
  • Maybe a little. But the Chinese govt keeps things nice and their citizens.
  • I think "totalitarian" is a more appropriate word than "communist". China abandoned communism years ago.
  • The manufacturer really blu it.
  • Haha
  • So you sayin that you smell blu cheese?? Lol
  • This is despicable. They will be taking away our app drawers next and life will be over - oh wait... How do people without an app drawer cope with life?
  • Nobody should be surprised really. There's a reason why they're so cheap.
  • Sorry but even high priced gadgets are easily hackable.
  • Hackeable and data mining aren't the same, but google already sells your data so...
  • Everyone says this, can you prove Google sells our data? Google does not sell personal data.
  • Exactly. It's far more profitable for them to keep it for themselves, why would they compromise their own revenue stream?
  • Google sells our data to ads companies, that is a fact that you know
  • Sorry, you are wrong.
  • Google sells ad space to ad companies, then uses our data to target them itself. Google is the middleman, and that's where it's money comes from. "About 50% of the human race is middlemen, and they don't take kindly to being eliminated."
  • "facts" are how Trump got elected
  • Good one.
  • Yea but this wasn't a hack. Blu intentionally put this software on their phones. Posted via the Android Central App
  • Perhaps unwittingly, hard to say.
  • And you wonder why there's a hold on letting the Chinese in the US market full blown. The FCC knew this kind of stuff would happen
  • Congress was wise to keep Huawei and ZTE out of those little shacks at the base of cell towers, among other infrastructure they've been kept out of. These same companies are hankering to get the western corporate world using and exposing company IP jewels on their cloud gear. Government resistance is stirring on this too.
  • @phillip pugh Ahhhhh well, at least BLU haven't installed software on their phones to cheat benchmark results like Samsung did? Just remind me again - why did Samsung feel the need to cheat reviewers and customers if their devices are supposedly so superior?... Lol
  • Doesn't matter if its cheap or expensive. Your data is still getting mined. Don't be fooled people.
  • But this is a communist country that doesn't like the US very much.
  • this is why i stay with pixel. even a nexus 5x or 5 would be a better option
  • You do realize the pixel got hacked in record time last week something 10 minutes
  • Actually, they did it in under a minute! At that same hackathon other notables were hacked by those white hat teams I think what is important to note with regards to your reference is that Google has an excellent reputation for updates, and the likelihood of a patch next month is fairly high. What is also important to note with regards to your reference is that the Pixel was *hacked* -- it didn't come to us with an intentionally placed open back door.
  • It's ok, Philipp and his fellow Samsung fanboys are constantly criticising the Pixel. One can only assume that they would only pay it so much attention because they see it as a threat :)
  • The "hack" you refer to is unlocking the bootloader to allow root access. It can only be done with physical possession of the phone AND results in your data being wiped during the process.
  • Thanks for clarifying. It is highly unlikely that anyone would have possession of my phone--i think it is glued to my hand :-)
  • I gave my mom one of these and my kids. I did get an email today stating that I'll be getting updates on these phones to fix. Hopefully it's not too late.
  • do the Chinese government and manufacturers really give
    a rat's [rear end] about the movements and behaviors of poor
    unemployed/under-employed Americans who can only afford
    cheap Android phones? You'd think that they want the data
    from rich people or government employees who are overpaid
    and always buy flagship Android phones. Their data are
    worth 10 times more. Even the Chinese government knows and frequently laughs
    about the fact that more than 60-percent of Americans cannot
    come up with $1000 cash for emergencies. (by comparison,
    70+ percent of Chinese citizens in urban areas have on average
    US$2960 cash in their savings accounts)
  • If you think China and the Chinese are so much better than us good old Americans go find a Chinese android site to comment on. Oh wait, your phone would probably get infected with malware.
  • And those stats are provided by ... The Chinese government? The media in China? ... which, btw, is controlled by the Chinese government.....
  • even the banks that that money is in is controlled by the Chinese govt.
  • I bet this hurts companies like Huawei. I know I have been avoiding the Chinese brands for this very reason.
  • Been saying that for years!!
  • And Huawei has its own chip foundry, HiSilicon, where they are making Kirin chips to compete with Qualcomm. Anything goes, and for outsiders to qualify circuit behavior is a much harder game. For security researchers this can even mean reverse engineering stuff in a lab with x-ray analysis.
  • Apple and Google both do software AND hardware but the likes of BLU and other smaller hardware manufacturers rely heavily on software from others. I would imagine if they didn't really know what to look for that it would be easy to slip in some sneaky code. It wouldn't be quite so easy with Apple or Google, who are creating their own software to match to specific hardware.
  • That's right although if any phones Google sells are made with homemade Huawei chipsets such as Kirin, watch out. It's difficult to believe the PRC, being obsessed with surveillance of the Chinese masses and beyond, would not have anything special burned into the silicon.
  • True, but they don't do their own manufacturing. That's the point where something can get slipped in without their knowledge.
  • **** gonna hit the fan
  • "Adups provides software to two of the largest cellphone manufacturers in the world, ZTE and Huawei. Both are based in China." I keep telling you people, but NOOOOO, you won't believe me.
  • I have been contemplating a ZTE, OnePlus, or a Huawei/Honor cheapie as a secondary phone, but I've not yet come to trust the Chinese phone manufacturers. When Lenovo gets accused of leaving backdoors on their laptops in 2013, 2015 and 2016 (do a Google search with "lenovo backdoor laptop"), you have to wonder what the phone companies are doing as well....
  • When this kind of garbage happens, Google needs to step in and immediately revoke their license for using Google Services on the phones. I hope Google pulls the plug on them. On top of this, people need to be aware that this isn't an Android fault, rather an irresponsible OEM.
  • True but they won't cause of Androids openness
  • No surprises with any type of software from China. Does anyone really believe this was just an oversight? The one thing in the article that worries me is that the software is also used in cars and IoT devices. Both of which have no real security standards set yet. Considering the latest DDoS attack on OVH used over 150,000 IoT devices, that should be a cause for concern. People can say what they want to about tinfoil hats but it's obvious from the Snowden releases that if there's a hole or back door in anything the NSA and other agencies WILL exploit it. There's enough tracking and watching already without having to worry if your fridge, thermostat, TV, doorbell, and car are checking in and phoning home.
  • Oh, this definitely isn't an oversight. This is a matter of BLU (and others) not knowing how to read code and/or not knowing to request modifications to the offered software.
  • Valid concerns, as long as you don't think the NSA would be conducting vandalistic DDoS attacks just because they could.
  • Don't be shocked if the NSA and US manufacturers already have something similar in place or even worse.
  • How funny when Microsoft, Google, Facebook has spied and collected your information for years, people complaining nothing about it. When some media put Chinese on the title for the same story, it's suddenly become a big deal. You do know we hear news about information on your phone has been send to China at least once a year as routine practice to destroy any fair competition. You do know Cisco put back door on all their network equipment sold to all other countries around the world so the government can use it?
  • MS, Google and FB clearly state in their TOS that data is being collected! This is not the same.
  • But when German whitehats demonstrated backdoors in Huawei routers at DefCon, they must have been paid by Cisco to fake the whole thing, right?
  • They're probably already doing so on my Z.
  • An old Chinese saying: All crows are black.
  • The only Android I trust is made by BlackBerry. Nuff said .
  • This is why I'll never buy a chinese phone. Anyone who thinks this is an accident really doesn't know what's going on. I've worked in secure government IT shops, and we've seen the same thing happening with enterprise level networking equipment from China.
  • "BLU told the NYT that 120,00 of its phones had been effected." Missing a zero, or is that comma in the wrong place?
  • It's time for Trump to take care of the Chinese and build a wall. We'll call it: The Great Wall Of China.
  • You mean the Gringo wall for china