We have already seen some previous reports of Chinese giants or other sending personal data back to their headquarter in mainland china and now once again the potentially vulnerable risk of having a Chinese low-budget phone brought into the light by security firm Kryptowire.
As reported by the New York Times, code written by Shanghai Adups Technology Company was preinstalled on some Android phones and used to monitor where users go and record communication data including call logs and text messages.
The software, which also tracked users’ location data and call logs, was written by the Chinese company Shanghai Adups Technology Company, but its purposes — state surveillance or advertising — are unknown.
“This isn’t a vulnerability, it’s a feature,” Kryptowire vice president of product Tom Karygiannis told The Verge.
Kryptowire, the security firm that discovered the vulnerability, said the Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server. The code comes preinstalled on phones and the surveillance is not disclosed to users, said Tom Karygiannis, a vice president of Kryptowire, which is based in Fairfax, Va. “Even if you wanted to, you wouldn’t have known about it,” he said.
Micromax does use this type of software in their cheap Smartphone for advertising purpose but can’t comment on whether this software also intends to send users personal data in mainland china. This indicates that mostly low-cost Android phone does use this type of software to generate more revenue and users are always at the risk of losing their important date to an Unknown person.
Adups claims to have software running on more than 700 million, mostly low-end devices, and says it has partnered with some major manufacturers like Huawei and ZTE, but the scope of the installed software is also unclear.
These vulnerable risks come to light from a document Adups provided to executives from BLU, a U.S-based manufacturer of budget Android devices. According to BLU CEO Samuel Ohev-Zion, the company was unaware of the backdoor, but says that BLU moved quickly to correct it and has been assured by Adups that all information taken from Blue customers has been destroyed:
Adups told the Times that the software was not meant for US phones, So basically their target could be the large wide Indian market. So be careful while buying low-cost Android phone whether offline or Online and if you find any unusual activity in you Smartphone drop the comment below and also drop a mail to the Smartphone company also.