Saltar al contenido

Can manufacturers access, view and sell personal data on your mobile phone (eg SMS, calls, contacts)?

Los fabricantes pueden acceder, ver y vender los datos personales en tu celular (ej. SMS, llamadas, contactos)?

It was the reason why BLU was sued and it is not the only brand. For the same reason, security firm Trustlook found that another 42 mobile phone brands, including several recognized as Lenovo, ZTE, Hisense, Mediatek Helio Yes Gionee, were carrying the same spyware for which Bold Like Us was sued. Such spyware has collected users’ private data, such as the content of SMS, contacts or call log and sent them to servers in China.

All this revolved around the Chinese company Shanghai AdUps Technologies. He was the one who made the software for those mobile brands. One component of this software, which deals with updating the Android system on the Internet (OTA Update), is the one that performed this work of obtaining user data and sending it to AdUps computers in China, for «advertising purposes». . This update application automatically performed this collection and shipping process every 72 hours. In addition, this software had a backdoor or «backdoor» through which this company or any person or entity, you can have remote access to the affected computers.

lenovo-zte-other-spyware

Mobile phone brands that carry AdUps spyware

Aaron ElectronicsAeon MobileAll Win TechAmoi TechnologyArchosAUXBirdBLUCellonCoship MobileDEWAV GroupDEXP Digital Communication Technology ExperienceEastaeon TechnologyElectronic Co.GioneeGOSOHisenseHongyuHuaqinHuiyeInventec CorporationKonka Group CoLenovoLogicomLongcheerMalata MobileMediatek HelioPrestigioRagentekRDA MicroReallytekRUIOSanmuSprocommTinnoUniscopeVSUNWater World Technology Co.Wind CommunicationWingTechYifang DigitalZhuhai QuanzhiZTE

In addition to users’ personal data, such as SMS, contacts, and call logs, the software was found to extract other technical data from devices, such as IMEI, MAC address, and the Android version.

Archos and other NON-Chinese brands were also affected

When BLU was accused of carrying this spyware, it replied that it «did not authorize» AdUps to configure its software with this functionality (I put it in quotes because BLU already said it «didn’t know»). about backdoor and rootkits found by Bitsight on a previous occasion). It appears that AdUps ignored this requirement and stated that it was implemented accidentally, because it was intended only for the Chinese market. This would explain why more Chinese brands have been involved here. But the strange thing is that this software was not only found on devices of that origin. It was also in the French brand Archos, DEXP Communication Group in Russia and Prestige in the Czech Republic.

After BLU was reported, it took action in this regard and announced the removal of this «bad» component of the software. Instead, I would use the OTA application provided by Google. I’m sending a patch to block the functionality of the 120,000 affected devices. In the case of ZTE, it has been indicated that AdUps is not used in the ZTE Axon 7 device or in any equipment that ships to the United States. Huawei has also confirmed that it has nothing to do with AdUps. Xiaomi is not listed, but that does not mean it does not have spyware.

Regardless of the steps each manufacturer has taken regarding this particular situation, there is no guarantee that it will be repeated in the future without users knowing. The Android AdsUp component or application can be easily renamed, for example. This could be the case until another security company detects the problem, disguised in another way. It is the indefinite game of cat and mouse. In 2021, this type of problem continues to be seen by the manufacturer, even in countries like the United States.

Can you report the manufacturer spying on your personal information on your mobile phone?

BLUE, Doogee, Leagoo and the «small» brands come with viruses?

Can a NEW cell phone come with a virus?