en security firm Kryptowire discovered last month that Chinese firmware company Adups was spying on text messages, call logs, contact lists, location information sent by Blu R1 HD phones in the United States, Blu quickly acted to plug the security hole assure customers that their personal data was safe. But now it appears that the issue might be more widespread.
Security research outfit Trustlook has uncovered numerous other manufacturers that may have devices containing Adups apps. ile many of them are smaller China-based manufacturers, a few notable brs made the list, including Archos, ZTE novo. Trustlook’s findings echo those of Kryptowire, in that the preinstalled apps are working behind the scenes to mine your data:
“The app comes preinstalled on the device. It collects many types of user information. In addition to specifications such as IMEI, IMSI, MAC address, version number, operator, this app attempts to collect user’s SMS text messages call logs. More troubling is that all of these procedures are done without user’s consent are processed in the background.”
In all, Trustlook has identified 43 manufacturers using Adups to deliver firmware. ile the report doesn’t say which phones are using the apps—or even what, if anything, is being transmitted back to Adups—it’s likely that any affected manufacturers will follow’s Blu’s lead quickly patch the issue. eviously, ZTE told that “no ZTE devices in the U.S. have ever had the Adups software cited in recent news reports installed on them.”
In the original New York es report, Adups said the software was strictly used “to identify junk text messages calls,” admitted installing the app on U.S. phones was “a mistake.”
The impact on you at home: Because of its open nature, Android is always at risk of spyware malware infiltrating its phones, these stories are going to surface from time to time. Blu hled it the right way, with a clear course of action a transparent explanation of what it did to correct the issue. If you own a phone by one of the manufacturers listed in the report, there isn’t a whole lot you can do to remove the spyware (though Trustlook offers its own tool to detect if it is present), but it serves as a reminder to be mindful of where you purchase your phone.