Mobile security is top priority but we know that some Chinese OEMs have been sending out sensitive data. We’re not talking about dozens to hundreds of devices affected but millions of Chinese-made phones vulnerable to compromises. No thanks to a secret software that tracks these behaviors. We reported this issue last year but looks like it is still happening.

The spyware was discovered before being installed on phones from ZTE, BLU Products, and Huawei among others. We noted that Huawei denied the claim and said the Adups company isn’t a partner. You think it would be helpful that it was discovered by sadly, the firm still secretly collects user data.

This is according to Kryptowire, the same group who discovered the pre-installed software tracking and monitoring activities of the device owners. A researcher reported that over 700 million Android phones have the software. What the software does is track SMS, GPS location, contact lists, and call logs among others. It was said to be scaled back after the discovery but it still is getting information. It is still possible even with a simple update. With this fact, Adups can know everything about the device like whether it is rooted or how data are used. The software can also work with the command-and-control channel where anyone can just execute code on a remote phone. It’s the same way the group fixed the issue: update their software.

Getting user data is still possible even with a simple update. With this fact, Adups can know everything about the device like whether it is rooted or how data are used. The software can also work with the command-and-control channel where anyone can just execute a code on a remote phone. It’s the same way the group fixed the issue: update their software.

This is basically a spyware that Amazon, BLU, Google, and DHS were able to fix back in 2016. It should be safe for the millions of phones affected but the Kryptowire software is still being used. The researchers tested the phones with Adups and discovered there are phones still sending important data to the firm. Those phones from BLU Products,  Cubot, and other Chinese brands are unfortunately still using the same software.

We’re hoping a permanent fix will finally roll out soon.

VIA: Cyberscoop