Secret backdoor software that sends user data to servers in China could affect 700 million Android phones


Security experts say they have discovered secret ‘backdoor’ software in Android phones that has been sending data on its users to China every 72 hours.

The alarming vulnerability was discovered by online security firm Kryptowire who found that certain Android devices that contain preinstalled software that collects and sends data such as text messages and geographical location to unauthorised third parties located in China.

According to the New York Times, the reason behind the data mining remains unclear, but experts are working on the theory that it could be used to gain information that is then passed onto to advertising networks or even used to send intelligence information back to the Chinese government.

The New York Times also reports that prepaid and disposable phone customers are most at risk of the software breach.

Kryptowire said that while 120,000 phones in the United States were affected by the software, which has been created by the Shanghai Adups Technology Company, hundreds of millions of other Android smartphones are also potentially at risk.

According to the New York Times, the same code runs of 700 million Android devices, including smartphones, tablets, auto software and wearables.

Kryptowire said the issue was only discovered after one of its researcher purchased a cheap BLU R1 HD smartphone to take on a trip overseas.


The software was discovered on the BLU R1 HD but could also affect 700 million Android devices.

As the researcher was setting up the phone he noticed was is described as “unusual network activity”. After a week long investigation, the researcher found that the phone was sending data such as text messages to servers located in Shanghai, which were located to the Shanghai Adups Technology Company.

In a post on its website Kryptowire added that the software breach was able to avoid detection by antivirus software due to the fact it ships with the device and is therefore not considered to be malware.

Smartphone manufacturer BLU Products said it has now released a software update which should fix the problem for the 120,000 of its smartphones that were found to be affected by the issue.

According to its website, Adups provides software for a number of Chinese smartphone manufacturers, most notably Huawei and ZTE, both of which sell a variety of smartphones in Thailand.

The New York Times reports that Google has asked Adups to remove its software from Android and from the Google Play Store, while the US government has also been made aware of Kryptowire’s findings.


*Update: ZTE USA contacted ThaiTech with this official statement:

“We confirm that no ZTE devices in the U.S. have ever had the Adups software cited in recent news reports installed on them, and will not.  ZTE always makes security and privacy a top priority for our customers. We will continue to ensure customer privacy and information remain protected.”


Comments are closed.