Jump to content

Malware found preinstalled on Xiaomi, Huawei, Lenovo and other Chinese phones


Recommended Posts

Posted

The link is a PDF. As fair as I can see it's malware free.

biggrin.png

INFECTED MODELS (EXCERPT) Xiaomi MI3 Huawei G510 Lenovo S860 Alps A24 Alps 809T Alps H9001 Alps 2206 Alps PrimuxZeta Alps N3 Alps ZP100 Alps 709 Alps GQ2002 Alps N9389 Andorid P8 ConCorde SmartPhone6500 DJC touchtalk ITOUCH NoName S806i SESONN N9500 SESONN P8 Xido X1111

Link

Posted

I had a non-rooted i-Mobile smartphone up till early July. Then i-Mobile modified their system update application (that I will NEVER see a system update from) to start serving ads every day. Funnily they started with some 'test' messages and 'test' graphics (I don't think those were really meant go really go out), then full on ads every day.

So if your inexpensive non name-brand phone doesn't have malware now, they can always have their "phone-home app" install some.

Posted

"suspect middlemen of being the perpetrators. In addition to

the revenue gained from selling on the mobile device, they

try to make additional financial gains from stolen user data

and enforced advertising."

So they believe a 'distributor' is opening each box and reflashing the phones with modified firmware that contains tainted applications then sending them on to be sold?

Hopefully they're making more money than the labor and logistic costs involved.

Posted (edited)

So do all the western makes.

Just different hackers going through the back door...

You obviously didn't quite get the "Pre-installed" bit....

MInd you I once bought a cheapie external hard drive shrink-wrapped from a Chinese factory, only to find when I unboxed it that it was jam packed with thousands of MP3's. Result.

biggrin.png

Edited by Chicog
Posted

So do all the western makes.

Just different hackers going through the back door...

You obviously didn't quite get the "Pre-installed" bit....

MInd you I once bought a cheapie external hard drive shrink-wrapped from a Chinese factory, only to find when I unboxed it that it was jam packed with thousands of MP3's. Result.

I got the pre-installed bit. But every time we turn around we read another leaked document indicating the world's governments are strong arming their tech companies to help them track the communications of the people of the world in the name of fighting terror and money laundering. And forcing those same tech companies to secrecy about what they're doing for the governments.

So I contend that every cell phone made anywhere in the world has some government's software (and/or hardware) to allow the governments in the back door. And if the governments can get in, so can a hacker.

We just hear about the malware from "the other guys".

Posted

Several years ago the US Government banned the importation of Huawei 'phones due to their alleged pre-installed recording software that sent data back to China.

I had one of the early Huawei 7" tablets. It was a great device.

Quite a cloak and dagger story about a US programmer who was lured by Huawei to work for them in HK. Turned up deceased. I don't remember all the ins and outs, but can recall it was a fascinating story. I'm sure a Google search will surface the details, if anyone is interested.

Posted

Therefore, the first thing I do when buying a new smartphone is rooting the phone and reinstalling Android. Unfortunately, by doing so you lose your phone guarantees but at least care about their data security and privacy.

Posted

<...> rooting the phone and reinstalling Android.

Really? You reinstall android by, choose one:

  • completing a factory reset
  • downloading original sha256 verified OEM firmware found on the Internet and reflash the phone
  • complete a factory reset, do some hokery pokery with some software that 'some guy' posted on the Internet that 'roots' my phone, then remove the bloatware and other stuff.
  • download a 'debloated copy' of the supposedly original firmware from 'some guy' off the Internet and reflash the phone
  • get replacement custom firmware from 'some guy' off the Internet and reflash the phone
  • build then compile your own Kernel, Libraries (and modules), Bootloader, Recovery, Radio, System Apps, Framework, Core, android-runtime environment, etc... from open source. The modules (hardware support) and Radio being your own creations.
Posted

<...> rooting the phone and reinstalling Android.

Really? You reinstall android by, choose one:

  • completing a factory reset
  • downloading original sha256 verified OEM firmware found on the Internet and reflash the phone
  • complete a factory reset, do some hokery pokery with some software that 'some guy' posted on the Internet that 'roots' my phone, then remove the bloatware and other stuff.
  • download a 'debloated copy' of the supposedly original firmware from 'some guy' off the Internet and reflash the phone
  • get replacement custom firmware from 'some guy' off the Internet and reflash the phone
  • build then compile your own Kernel, Libraries (and modules), Bootloader, Recovery, Radio, System Apps, Framework, Core, android-runtime environment, etc... from open source. The modules (hardware support) and Radio being your own creations.

What could possibly go wrong?

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...