Chinese Devices - Online Cyber Security News

Built-In Backdoor Found in Popular Chinese Android Smartphones

Wednesday, December 17, 2014 Swati Khandelwal

Built-In Backdoor Found in Millions of Popular Chinese Android Smartphones

Chinese smartphone manufacturers have been criticized many times for suspected backdoors in its products, the popular Chinese smartphone brands, Xiaomi and Star N9500 smartphones are the top examples. Now, the China's third-largest mobile and world's sixth-largest phone manufacturer 'Coolpad', has joined the list.

Millions of Android smartphones sold by Chinese smartphone maker Coolpad Group Ltd. may contain an extensive "backdoor" from its manufacturer that is being able to track users, push unwanted pop-up advertisements and install unauthorized apps onto users' phones without their knowledge, alleged a U.S. security firm.

OVER 10 MILLION USERS AT RISK

Researchers from Silicon Valley online security firm Palo Alto Networks discovered the backdoor, dubbed "CoolReaper," pre-installed on two dozens of Coolpad Android handset models, including high-end devices, sold exclusively in China and Taiwan. The backdoor can let attackers completely hijack users' Android device by gaining access to their device information and functions.

The backdoor presents several privacy and security risk, and is believed to impact over 10 million users worldwide. The security firm released a research paper Wednesday detailing its investigation on the backdoor software, called CoolReaper.

FEATURES OF COOLREAPER BACKDOOR
According to Ryan Olson, intelligence director at Palo Alto, CoolReaper backdoor can perform a wide number of unsolicited tasks. The backdoor has ability to:

Download, install and activate any Android application without the user's consent or notification
Connect to a number of command and control (C&C) servers
Clear user data, uninstall existing applications, or disable system applications
Send fake over-the-air (OTA) software updates to devices that install unwanted applications
Send or insert arbitrary SMS or MMS messages into the phone
Dial arbitrary phone numbers
Upload device information, its location, application usage information, calling and SMS history to Coolpad server

Researchers obtained only one of the Coolpad smartphone models sold in the U.S. and did not find CoolReaper on the device. So, they suspected that the CoolReaper backdoor comes pre-installed only on Coolpad handsets sold in China and Taiwan.

The researchers conducted its investigation after reviewing complaints by the users on message boards about suspicious activities noticed on Coolpad devices. The security firm installed multiple copies of the custom ROMs installed on Coolpad devices in China and found that most included CoolReaper.

"CoolReaper is the first malware we have seen that was built and operated by an Android manufacturer," researchers wrote. "The changes Coolpad made to the Android OS to hide the backdoor from users and antivirus programs are unique and should make people think twice about the integrity of their mobile devices."

CHINA BEING CRITICIZED MANY TIMES
This isn't the first time when Chinese phone manufacturer is criticized for its products. Six months ago, a popular and cheap handset device in China, the Star N9500 smartphone came pre-installed with a Trojan that allowed manufacturer to spy onto their users' comprising their personal data and conversations without any restrictions and users' knowledge.

Also, the latest claim against Chinese smartphone manufacturers was the allegation that the popular Chinese smartphone brand, Xiaomi has been suspected of "secretly" stealing users' information from the device without the user's permissions and sending it back to a server in Beijing, despite of turning off the data backup functions.

Palo Alto Networks is the same security firm that discovered "WireLurker" malware that was targeting Mac and iOS users in China, and the main concern to worry about the threat was its ability to attack non-jailbroken iOS devices. The malware appeared as the first malicious software program with the ability to penetrate the iPhone's strict software controls.

Sony Xperia Devices Secretly Sending User Data to Servers in China

Tuesday, October 28, 2014 Mohit Kumar

If you own a Sony smartphone either the Android 4.4.2 or 4.4.4 KitKat firmware then inadvertently you may be transmitting your data back to the servers in China, even if you haven’t installed any application.

Quite surprising but it’s true. I know many of you haven’t expected such practices from a Japanese company, but reports popping up at several forums suggest that some new Sony Xperia handsets seem to contain the Baidu spyware.

MYSTERIOUS BAIDU SPYWARE

About a month ago, a group of community users of Sony smartphone detected the presence of a strange folder, named “Baidu”, mysteriously appeared from among those present in various versions of Android for these handsets.

The creepy part is that the folder is created automatically without the owners permission and there is no way of deleting it. Even if someone tries to remove it, it instantly reappears as well as unticking the folder from device administrator equally seems to do nothing, neither does starting the phone in Safe Mode.

“Just unpacked my Sony Z3 compact, haven't installed a single app and its connecting to China. I am not so concerned about the folder itself but my phone now has a constant connection to an IP address in Beijing which I am not too happy about.” Reddit user commented.

The Baidu folder appears to be created by Sony’s ‘my Xperia’ service each time a connection is made and is reported to be sending pings to China. There is no further information known on what these pings are transmitting but nevertheless they do seem to be transmitting.

PERSONAL INFORMATION SEND TO CHINA

Going deep, several users reported they found that the Chinese government is able to detect the status and identity of the device, take pictures and make videos without the consent of the user. A user, going by the handle Elbird, posted on Sony Forums that with the help of Baidu folder, the Chinese Government can:

Read status and identity of your device
Make pictures and videos without your knowledge
Get your exact location
Read the contents of your USB memory
Read or edit accounts
Change security settings
Completely manage your network access
Couple with bluetooth devices
Know what apps you are using
Prevent your device from entering sleep mode
Change audio settings
Change system settings

AFFECTED PRODUCTS

Thankfully this is a spyware and you can check to see if you have or not. If you see the folder named Baidu in your device then your device contains the spyware. But, for users it isn't the folder which seems to be the real cause for concern, though; it’s the fact that the phones open a connection to servers.

According to the reports affected devices include the new Sony Xperia Z3 and Z3 Compact, and several users from the Reddit community have also reported about the presence of this folder on their mobile phones, too — and not necessarily phones made by Sony. One owns an HTC One M7, another an HTC One X, a few others the OnePlus One.

STEPS TO DISABLE BAIDU SPYWARE

Backup your important data and factory reset the device.
Turn on the device and go to Settings -> Apps -> Running and Force stop both “MyXperia” apps.
Then remove the baidu folder using File Kommander app.
Go to Settings -> About Phone -> Click 7 times on the Build Number to enable developer mode.
Download or Install the Android SDK on your computer and then connect the Sony device to it using USB cable.
Run the adb tool terminal : adb shell
In adb shell, type the command: pm block com.sonymobile.mx.android
Exit adb shell
Reboot the device.

Note that the spyware does not necessarily affect the process or functionality of your mobile devices, so you shouldn't be worried in this respect. Sony has not officially responded to this ‘baidu’ folder issue.

However, the company has recognized the issue and has said that in the next release the problem will be fixed. Unless Sony can roll out some kind of fix in the near future then it seems you might have to wait until Lollipop rolls out in January before you can get rid of Baidu.

Recently Chinese smartphone manufacturer Xiaomi has been called out for spying on personal user data using their smartphones. According to F-Secure Xiaomi Smartphones were sending user data back to the servers based in China.

Get the Ultimate 2018 Hacker Bundle – Pay What You Want

Monday, January 01, 2018 Exclusive Deals

Learn Ethical Hacking Online: A to Z Training Course Pack

Good news, we bring an amazing deal of this month for our readers, where you can get hacking courses for as little as you want to pay and if you beat the average price you will receive the fully upgraded hacking bundle!

China Develops Facial Recognition Payment System with Near-Perfect Accuracy

Tuesday, September 09, 2014 Wang Wei

In an intent to move one step forward from others, China is planning to launch a facial recognition payment application with near-perfect accuracy that enables users to authorize their online transactions just by showing a picture of themselves.

Chinese researchers from the Chongqing-based research institute have developed a facial recognition system that can pick faces from a crowd with 99.8 percent accuracy from 91 angles.

CHINA FACE-RECOGNITION PAYMENT SYSTEM TO LAUNCH IN 2015

Academic at the Chongqing Institute of Green has set up the world's biggest Asian face database displaying more than 50 million Chinese faces. The database was compiled with help from the University of Illinois and the National University of Singapore.

The face-recognition payment system is not completely developed at the moment and will come into application by the Chinese Academy of Science (CAS) in 2015. This system will let users to interlink their bank accounts or credit cards with facial data and make payments without any need of providing passwords or PINs.

SYSTEM WORKS EVEN IN DYNAMIC ENVIRONMENT

Zhou Xi, director of the CAS Chongqing Green Technology Research Institute, told local reporters the system can distinguish between identical twins, unravel layers of makeup and still identify an individual if they've packed on or shed kilos.

"The facial recognition system is not only accurate but also quick to recognise," Xi said.

The system scored the highest accuracy in China topped Carnegie Mellon University's global standards, beating its predecessors' best accuracy record of 97.6 percent.

Researchers said the system is equipped with enhance learning abilities that it will automatically changes characteristics of the subject, therefore it functions stably and accurately in a dynamic environment as well.

FIRST COMPANY TO LAUNCH FACE-RECOGNITION SYSTEM

China is not the first in the list to develop face-recognition system as a shopping tool, Finnish company, Uniqul, also developed a similar technology in 2013. The company also plans to embed it in payment terminals, but is still “finalizing [their] product and getting ready for deployment in the Helsinki area,” the company says on its blog.

“Uniqul gives merchants the chance to know its customers – leading to a more personalized and enjoyable shopping experience.We are very glad to bring you these news and we at Uniqul are looking forward to provide you with your most enjoyable shopping experience yet.”

Still the so very near-perfect accuracy of Chineses face-recognition system indicates that it may beat out the Finnish company for the distinction of operating the first such system.

Samsung To Pay $2.3 Million Fine for Deceiving the U.S. Government

Thursday, August 21, 2014 Mohit Kumar

The United States division of Samsung has been charged with deceiving the US government into believing that several of its products met the necessary US government policies, resulting in the US government buying unauthorised Chinese-made electronics.

The South Korean electronics giant has agreed to pay the Government $2.3 million in fines to settle the charges of violating trade agreements, the Justice Department announced Tuesday.

Under federal contracting rules, Government agencies are only required to purchase products made in the United States or in countries that have a trade agreement with the United States.

Federal agencies purchased products from Samsung through authorised resellers, believing they were manufactured in South Korea or Mexico, comply with government procurement rules — namely the US trade agreement act.

SAMSUNG LIED TO U.S GOVERNMENT

Despite complying with the terms of the contract, Samsung was found to have breached the US government between the year 2005 and 2013 by providing the resellers “inaccurate information” about the country of origin of the products and supplying those products that they claimed to have produced in Mexico or South Korea, but were actually manufactured in China, which is not part of the agreement.

According to the Justice department, this settlement is not an admission of liability by Samsung. Samsung has yet to comment on the settlement.

“This settlement upholds important trade priorities by ensuring that the United States only uses its buying power to purchase from countries that trade fairly with us,” Stuart F. Delery, the Assistant Attorney General for the Justice Department’s Civil Division, said in a statement on Tuesday.

The settlement was a joint effort by the U.S. Attorney’s Office for the District of Maryland, the commercial litigation branch of the Justice Department’s civil division and the General Service Administration inspector general.

This matter came to light after a former Samsung employee, Robert Simmons, shared the information with the United States federal agency, under whistleblower provisions in the False Claims Act. The act allows whistleblowers to sue for false claims on behalf of the US and to share in its recovery. Of course, he will be rewarded with a portion of the settlement amount by the US government for alerting them about the issue.

WITH LOVE — FROM CHINA

The United States has an increasingly distrustful relationship with both China and with leading Chinese tech firms. Networking giant Huawei has effectively closed down its American presence after scrutiny of US lawmakers and regulators who believe that Huawei’s alleged put backdoors for the Chinese government.

In 2012, US government banned its federal agencies to use chinese products that could pose a threat to US national-security interests.

China hit back, after the former NSA contractor Edward Snowden leaked several documents about the United States world-wide surveillance program and pressured its domestic banks to replace high-end IBM servers with similar equipment manufactured within the country.

The country also banned the procurement of technology from a number of foreign firms, including Microsoft, Apple, Symantec and Kaspersky.