Android’s phenomenal popularity has soared because of being associated by Google, its flexibility and LOW, LOW, LOW price compared to Apple’s iPad. Their cost per feature make them an irresistible purchase this season.
But we still remember the old warning about things “too good to be true” … why the extra attractiveness? Is there a hidden cost? A Pied Piper surprise?
By MATT APUZZO and MICHAEL S. SCHMIDT – -NOVEMBER 15, 2016
WASHINGTON — For about $50, you can get a smartphone with a high-definition display, fast data service and, according to security contractors, a secret feature: a backdoor that sends all your text messages to China every 72 hours.
Security contractors recently discovered preinstalled software in some Android phones that monitors where users go, whom they talk to and what they write in text messages. The American authorities say it is not clear whether this represents secretive data mining for advertising purposes or a Chinese government effort to collect intelligence.
The backdoor has been discovered in two system applications – com.adups.fota.sysoper and com.adups.fota – neither of which can be disabled or removed by the user.
Besides BLU Products, Kryptowire immediately notified Google, AdUps, as well as Amazon, which is the exclusive retailer of the BLU R1 HD, of its findings.
Google also issued a statement saying that the company is working with all affected parties to patch the issue, though the tech giant said that it doesn’t know how widely AdUps distributed its software.
However, According to AdUps, its software featured on the smartphone tested by the security firm was not intended to be included on smartphones in the United States market and was just designed to help Chinese phone manufacturers to monitor user behavior.
07 November 2010, 18:22
Back door exploit for Android phones
A security expert working at Alert Logic has published a demonstration back door exploit for smartphones running Android. Criminals could use the principles of this exploit to gain control of a phone and install trojans. A potential victim need only call a malicious web site for infection to occur.
The example exploit will open the back door for demonstration purposes only on the fixed IP address 10.0.2.2 on port 2222. Although as it stands, the demo exploit is harmless, for an experienced cracker it would be relatively easy to customise the shellcode to create a malicious version. In a test conducted by The H’s associates at heise Security with an HTC Wildfire (Android 2.1), the exploit only caused a browser crash. Officially, the exploit only is only effective on Motorola’s Droid 2.0.1, 2.1, and the test was successful on an emulation of 2.0 – 1.2.
According to the Alert Logic engineer M.J. Keith, the exploit uses a long known flaw in the WebKit browser framework, and was originally only present in Apple’s Safari and the Ubuntu Linux distribution. WebKit is now used in Google’s Chrome and in Android. The hole was fixed in Android 2.2, but according to Google’s official statistics only 37 per cent of devices run this software version. Apparently there are further flaws in WebKit that also affect Android.
Since Google has never published information on security holes and patches for Android, users remain unaware of potential threats. It is unclear why Google retains the information and several questions about this policy remain unanswered. It is possible the information is not published out of consideration for the manufacturers of smart phones who often take many months to produce updates and commonly use unofficial adaptations of Android to suit their particular hardware.
Recently the software audit specialists Coverity reported finding 88 critical vulnerabilities in Android.
If you own a Android smartphone or tablet which has a MediaTek processor powering it, your smartphone/tablet is vulnerable to remote hacking via a backdoor. This was discovered by a security researcher, Justin Case who has notified MediaTek about the flaw. The bug is apparently due to a debug tool which was left open by MediaTek in shipped devices.
Routers manufactured and sold by Chinese security vendor have a hard-coded password that leaves users with a wide-open backdoor that could easily be exploited by attackers to monitor the Internet traffic.
The routers are sold under the brand name Netcore in China, and Netis in other parts of the world, including South Korea, Taiwan, Israel and United States.
According to Trend Micro, the backdoor — a semi-secret way to access the device — allows cybercriminals the possibility to bypass device security and to easily run malicious code on routers and change settings.