A Pre-installed App in Some American Android Phones is Sending Data To Chinese Servers

According to Cybersecurity firm Kryptowire, some Android phones, including those from American phone manufacturer BLU, are being preinstalled with software that monitors where users go, who  they call, and what they text. The information is then sent back to Chinese servers.

A software dedicated to spying on users is the trojan horse hidden inside some phones manufactured in China. Kryptowire, a Cybersecurity consulting firm, has released a report stating that such malware is being used to gather sensitive information such as GPS locations, text messages, etc. to send  back to Chinese servers every 72 hours.

The piece of code has been lurking inside the Android operative system.  As such, the program managed to conceal itself from the user’s perspective.

Tom Karygiannis from Kryptowire revealed that the malicious program was created by the Chinese company Adups, with the sole purpose of spying, stating that it isn’t the result of an error. Karygiannis said that the malware’s goal may be is to perform state espionage or to merely to sell advertising data.

Regardless of the software’s intention, one thing is clear: the user’s input or consent isn’t required. Adups’ website brags about the sheer number of devices housing one of their solutions:

Adups has over 700 million active users, and a market share exceeding 70% across 200+ countries and regions.

The company’s software is used in phones, cars, and other devices. American phone manufacturer, BLU Products, said that 120,000 of its phones had been affected, promptly stating that it had released an update to remove Adups’ spyware:

BLU Products has identified and has quickly removed a recent security issue caused by a 3rd party application which had been collecting unauthorized personal data in the form of text messages, call logs, and contacts from customers using a limited number of BLU mobile devices. Our customer’s privacy and security are of the upmost importance and priority.
The affected application has since been self-updated and the functionality verified to be no longer collecting or sending this information.

“Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server,” a popular US-based media outlet reported.

According to Adups, they intentionally designed the software to help a Chinese phone manufacturer to monitor user behavior, further explaining that the program wasn’t intended to ship in American phones. The company issued a press release in which they stated that the collected messages were used to improve anti-spam mechanisms, and to screen out “junk texts”:

In response to user demand to screen out junk texts and calls from advertisers, our client asked ADUPS to provide a way to flag junk texts and calls for users. We developed a solution for ADUPS FOTA application.
The customized version collects messages to identify junk texts using back-end aggregated data analysis in order to improve mobile phone experience. ADUPS FOTA application flags texts containing certain language associated with junk texts and flags numbers associated with junk calls and not in a user’s contacts.