Security firm says Chinese company collected phone users' texts

November 16, 2016
Virginia-based Kryptowire said that it had discovered the problem in a number of Android-based phones using firmware from the Chinese company Shanghai ADUPS Technology

A US security company says a Chinese-made smartphone popular in the United States forwarded detailed user data and user texts back to a Chinese server without the phone owner's knowledge.

Virginia-based Kryptowire, which provides mobile security services to government agencies and private businesses, said late Tuesday that it had discovered the problem in a number of Android-based phones using from the Chinese company Shanghai ADUPS Technology.

Those phones included the popular models from US manufacturer BLU Products, sold in stores around the country.

It said the firmware—software deeply embedded in the phone—periodically transmitted data that identified the device, the numbers called and received, contact lists and full text messages back to the server for unclear purposes.

It said the firmware could also execute remote commands and reprogram the smartphones from a remote location.

"The firmware could target specific users and text messages matching remotely defined keywords," Kryptowire said in a statement.

The report sparked fresh worries that mobile device makers—in this case Chinese—could surreptitiously suck more personal data from a person's phone or tablet than they admit to doing, for use commercially or, for example, in espionage.

In a statement Wednesday, Shanghai ADUPS said the firmware had been designed to help screen out junk texts and calls.

An automatic update to it made for other clients had "inadvertently" been installed on BLU Product phones, it said, and has since been disabled after objections from BLU.

"No information associated with that functionality, such as text messages, contacts, or phone logs, was disclosed to others and that any such information received from a Blu during that short period was deleted," it said.

Shanghai ADUPS' website says its software and firmware update services reach 700 million users around the world.

Explore further: Samsung phones reportedly catch fire in China

Related Stories

Samsung phones reportedly catch fire in China

September 19, 2016

Samsung said Monday it is investigating reports that two Galaxy Note 7 smartphones caught fire in China, where the company previously said all phones for sale were safe and didn't need to be included in a global recall.

Thunderstrike 2: Proof-of-concept worm could infect Macs

August 4, 2015

Two researchers, Xeno Kovah co-founder of LegbaCore and Trammell Hudson, a security engineer with Two Sigma Investments, have created a proof of concept worm capable of attacking Mac computers. The worm which they designed ...

Freebie tricksters unleash spam botnet using Android phones

December 20, 2012

(Phys.org)—Cloudmark, a San Francisco based messaging security company, posted a notice on Sunday that an Android trojan is being used to create simple havoc, aka an SMS spam botnet. Cyber-thieves dangling the lure of free ...

Firmware tweak can block subscriber calls, says Berlin group

August 28, 2013

A telecommunications security research group at the Technical University of Berlin earlier this month told an audience at the 22nd USENIX Security Symposium that they were able to hack phones by modifying embedded software. ...

Recommended for you

Firms push hydrogen as top green energy source

January 18, 2017

Over a dozen leading European and Asian firms have teamed up to promote the use of hydrogen as a clean fuel and cut the production of harmful gasses that lead to global warming.

WhatsApp vulnerable to snooping: report

January 13, 2017

The Facebook-owned mobile messaging service WhatsApp is vulnerable to interception, the Guardian newspaper reported on Friday, sparking concern over an app advertised as putting an emphasis on privacy.

4 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

CCMcCombs
5 / 5 (2) Nov 16, 2016
This is nothing new for Chinese technology companies, in fact it almost seems standard. One of the dozens of reasons not to by Chinese goods.
KelDude
5 / 5 (1) Nov 16, 2016
Typical Chinese reply. They always deny responsibility of any claim regardless of how true it may be. I keep trying to give the Chinese the benefit of the doubt but as more of these stories come along, the harder it is to place any trust in their products at all.
tomek_py
not rated yet Nov 16, 2016
Ahh typical Chinese phishing. Why so shocked :) ?
gkam
1 / 5 (2) Nov 18, 2016
They are miles behind our own spies.

Our spies are run by the professionals of Putin.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.