The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: Chinese Mobile

Dangerous Rootkit found Pre-Installed on nearly 3 Million Android Phones

Dangerous Rootkit found Pre-Installed on nearly 3 Million Android Phones

November 19, 2016Swati Khandelwal
Here's some bad news for Android users again. Nearly 3 Million Android devices worldwide are vulnerable to man-in-the-middle (MITM) attacks that could allow attackers to remotely execute arbitrary code with root privileges, turning over full control of the devices to hackers. According to a new report from security rating firm BitSight, the issue is due to a vulnerability in the insecure implementation of the OTA (Over-the-Air) update mechanism used by certain low-cost Android devices, including BLU Studio G from US-based Best Buy. Backdoor/Rootkit Comes Pre-installed The vulnerable OTA mechanism, which is associated with Chinese mobile firm Ragentek Group, contains a hidden binary — resides as /system/bin/debugs — that runs with root privileges and communicates over unencrypted channels with three hosts. According to the researchers, this privileged binary not only exposes user-specific information to MITM attackers but also acts as a rootkit, potentially allowing
Built-In Backdoor Found in Popular Chinese Android Smartphones

Built-In Backdoor Found in Popular Chinese Android Smartphones

December 18, 2014Swati Khandelwal
Chinese smartphone manufacturers have been criticized many times for suspected backdoors in its products, the popular Chinese smartphone brands, Xiaomi and Star N9500 smartphones are the top examples. Now, the China's third-largest mobile and world's sixth-largest phone manufacturer 'Coolpad' , has joined the list. Millions of Android smartphones sold by Chinese smartphone maker Coolpad Group Ltd. may contain an extensive "backdoor" from its manufacturer that is being able to track users, push unwanted pop-up advertisements and install unauthorized apps onto users' phones without their knowledge, alleged a U.S. security firm. OVER 10 MILLION USERS AT RISK Researchers from Silicon Valley online security firm Palo Alto Networks discovered the backdoor, dubbed " CoolReaper ," pre-installed on two dozens of Coolpad Android handset models, including high-end devices, sold exclusively in China and Taiwan. The backdoor can let attacke
Xiaomi Data Breach — "Exposing Xiaomi" Talk Pulled from Hacking Conference

Xiaomi Data Breach — "Exposing Xiaomi" Talk Pulled from Hacking Conference

October 30, 2014Wang Wei
China’s number one — and the world’s 3rd largest — smartphone manufacturer, Xiaomi , which is trying to make inroads into India’s booming mobile phone market, was found secretly sending users’ personal data , including IMEI numbers, phone numbers and text messages to the web servers back to Beijing in China. INDIA AND TAIWAN vs XIAOMI This issue raised higher concerns across many countries, proactively in India, Singapore and Taiwan. The Indian Air Force (IAF) — among the largest in the world — warned its employees and their belongings that their private information was being shipped over to servers in China, and asked them to avoid using Xiaomi smartphones due to security risk. Taiwanese Government underlined similar concerns before Xiaomi’s launch in India. Xiaomi is facing an investigation in Taiwan for alleged cyber security threat, as a result of which last month the Taiwanese government decided to ban the company due to several privacy controversies. When i
Samsung To Pay $2.3 Million Fine for Deceiving the U.S. Government

Samsung To Pay $2.3 Million Fine for Deceiving the U.S. Government

August 22, 2014Mohit Kumar
The United States division of Samsung has been charged with deceiving the US government into believing that several of its products met the necessary US government policies, resulting in the US government buying unauthorised Chinese-made electronics . The South Korean electronics giant has agreed to pay the Government $2.3 million in fines to settle the charges of violating trade agreements, the Justice Department announced Tuesday. Under federal contracting rules, Government agencies are only required to purchase products made in the United States or in countries that have a trade agreement with the United States. Federal agencies purchased products from Samsung through authorised resellers, believing they were manufactured in South Korea or Mexico, comply with government procurement rules — namely the US trade agreement act. SAMSUNG LIED TO U.S GOVERNMENT Despite complying with the terms of the contract, Samsung was found to have breached the US government bet
Xiaomi Phones Secretly Sending Users' Sensitive Data to Chinese Servers

Xiaomi Phones Secretly Sending Users' Sensitive Data to Chinese Servers

August 10, 2014Mohit Kumar
Chinese telecoms equipment suppliers have previously been criticized by some countries due to suspected backdoors in its products, and if United States has banned its several major government departments, including NASA, Justice and Commerce Departments, from purchasing Chinese products and computer technology, then they are not wrong at all. In the latest claim against Chinese smartphone manufacturers is the allegation that the popular Chinese smartphone brand, Xiaomi has been suspected of “secretly” stealing users’ information — including SMS messages and photos —from the device without the user's permissions and sending it back to a server in Beijing, despite of turning off the data backup functions, according to Apple Insider . Security Researchers from  F-Secure Antivirus firm  has shown that the Xiaomi phones (RedMi 1S handset) send quite a lot of personal and sensitive data to " api.account.xiaomi.com "  server located in China, including following information
Chinese Android Smartphone comes with Pre-installed Spyware

Chinese Android Smartphone comes with Pre-installed Spyware

June 17, 2014Mohit Kumar
If US has banned its several major government departments, including NASA, Justice and Commerce Departments, from purchasing Chinese products and computer technology due to suspected backdoors, then they are not wrong at all. A popular Chinese Android Smartphone comes pre-installed with a Trojan that could allow manufacturer to spy onto their users’ comprising their personal data and conversations without any restrictions and users knowledge. GOOGLE PLAY STORE OR A SPYING APP? According to the researchers at the German security firm G Data , the Star N9500 smartphone, a popular and cheap handset device in China, comes pre-installed with Uupay.D Trojan horse, disguising as a version of the Google Play Store. The trojan camouflage as the Google Play Store , so it enables Chinese Company to secretly install malicious apps, which creates the whole spectrum of abuse. STEALING WITHOUT RESTRICTIONS The nasty Spyware runs in the background and has capability to steal
Government launched 'China Operating System' (COS) to break Andoird and iOS Monopoly

Government launched 'China Operating System' (COS) to break Andoird and iOS Monopoly

January 22, 2014Anonymous
China has always tried to support its homegrown tech industry and even the security concerns over U.S. secret surveillance which gives Chinese Government another reasons to trust domestic vendors.Many other countries are also in favor to develop their own technology industries to reduce their dependence on U.S. The Government of China is not too fond of foreign mobile operating systems and therefore are trying to break the monopoly of Microsoft, Apple and Google in the country. This week at an event in  Beijing,  China has unveiled its own Linux-based mobile platform, dubbed China Operating System (COS) , developed as a joint effort between a company ' Shanghai Liantong ', ISCAS ( Institute of Software at the Chinese Academy of Sciences ) and the Chinese Government. According to  COS website , it is designed for PCs, Smartphones, tablets, TVs, set-top boxes and other smart appliances. It runs Java applications, supports HTML5 and can run over 100,000 apps. At
NSA Hacks into 3 major Chinese operators to steal millions of SMS Data

NSA Hacks into 3 major Chinese operators to steal millions of SMS Data

June 26, 2013Mohit Kumar
Once again NSA whistleblower Edward Snowden revealed the truth, that the NSA hacks into China’s mobile operators to steal millions of text messages.  Every month Washington come up with new reports  and accuse other nations, particularly China, for cyber hacking , but the biggest culprit of such crime is in fact the United States. All of this appeared to go relatively well for Washington until revelations emerged of the U.S. National Security Agency's PRISM surveillance program . According to Snowden, U.S. spies had hacked 3 major mobile phone companies in China and a core network to steal text messages of millions of Chinese citizens. Fang Binxing, a President at Beijing University who is considered the chief pioneer of China’s Great Firewall Internet filtering system, has warned in the past that telecom equipment from international companies like Cisco is a threat to China’s national security. As such, it could have allowed NSA operatives to access int
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.