tag:blogger.com,1999:blog-12571986495414412482024-03-21T18:14:41.450-07:00All About SmartphonesSachin Jagtaphttp://www.blogger.com/profile/10570989964614746590noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-1257198649541441248.post-85029310877703952772014-12-31T22:52:00.000-08:002014-12-31T22:52:07.020-08:00Pre installed Backdoor found in Chinese Smartphones<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZUaZnRFdUwUEzLm0ykEnC3EuDVkNucPWhM37IJvGZ-xqjcBVgVnrIuzc_bGzgQNL5k3JfOk_4c5Jvj92Vv9ZOiL1TnKR9nTTea_ml4g5Thxq7BT5uh-8WQH342pUeg7npwLUfbncWm60/s1600/what.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZUaZnRFdUwUEzLm0ykEnC3EuDVkNucPWhM37IJvGZ-xqjcBVgVnrIuzc_bGzgQNL5k3JfOk_4c5Jvj92Vv9ZOiL1TnKR9nTTea_ml4g5Thxq7BT5uh-8WQH342pUeg7npwLUfbncWm60/s1600/what.jpg" height="220" width="320" /></a></div>
<br />
<div class="MsoNormal">
<span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Chinese smartphone manufacturers have again been
critized for having Backdoor in their handsets. But this time a different
vendor’s name has come up. Earlier the popular Chinese smartphone brands, Star
N9500 and Xiaomi name came up but now the China’s third largest and world’s
sixth largest mobile manufacturer ‘CoolPad’, has joined the list.<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;"> Android
smartphones sold by Chinese smartphone maker Coolpad Group Ltd contains an <i>extensive “backdoor” </i>that is able to
track users, push unwanted pop-up advertisements and install unauthorized apps
onto users phone without their permission, alleged a U.S. security firm.<o:p></o:p></span></div>
<div class="MsoNormal">
<b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">MORE
THAN 10 MILLION USERS at RISK<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Researchers at Silicon Valley online security firm
Palo Alto Networks discovered the backdoor “<b>CoolReaper”</b>, pre installed on 24 Coolpad Android handset models,
including high end ones. The attackers can completely hijack users Android
device by gaining their device information with the help of the backdoor.<o:p></o:p></span></div>
<div class="MsoNormal">
<b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Features
of CoolReaper backdoor:<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">According to Ryan Olson, intelligence director at
Palo Alto, CoolReaper backdoor has ability to:<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpFirst" style="mso-list: l0 level1 lfo1; text-indent: -.25in;">
<!--[if !supportLists]--><span style="font-family: Wingdings; font-size: 12.0pt; line-height: 115%; mso-bidi-font-family: Wingdings; mso-fareast-font-family: Wingdings;">Ø<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal; line-height: normal;"> </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Download,
install aand activate any Android application without users knowledge.<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l0 level1 lfo1; text-indent: -.25in;">
<!--[if !supportLists]--><span style="font-family: Wingdings; font-size: 12.0pt; line-height: 115%; mso-bidi-font-family: Wingdings; mso-fareast-font-family: Wingdings;">Ø<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal; line-height: normal;"> </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Connect
to number of command and control(C&C) servers.<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l0 level1 lfo1; text-indent: -.25in;">
<!--[if !supportLists]--><span style="font-family: Wingdings; font-size: 12.0pt; line-height: 115%; mso-bidi-font-family: Wingdings; mso-fareast-font-family: Wingdings;">Ø<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal; line-height: normal;"> </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Wipe
user data, uninstall applications or disable system applications.<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l0 level1 lfo1; text-indent: -.25in;">
<!--[if !supportLists]--><span style="font-family: Wingdings; font-size: 12.0pt; line-height: 115%; mso-bidi-font-family: Wingdings; mso-fareast-font-family: Wingdings;">Ø<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal; line-height: normal;"> </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Send
fake software updates to devices.<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l0 level1 lfo1; text-indent: -.25in;">
<!--[if !supportLists]--><span style="font-family: Wingdings; font-size: 12.0pt; line-height: 115%; mso-bidi-font-family: Wingdings; mso-fareast-font-family: Wingdings;">Ø<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal; line-height: normal;"> </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Send
or insert arbitrary SMS or MMS messages into the phone.<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l0 level1 lfo1; text-indent: -.25in;">
<!--[if !supportLists]--><span style="font-family: Wingdings; font-size: 12.0pt; line-height: 115%; mso-bidi-font-family: Wingdings; mso-fareast-font-family: Wingdings;">Ø<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal; line-height: normal;"> </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Call
arbitrary phone numbers.<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpLast" style="mso-list: l0 level1 lfo1; text-indent: -.25in;">
<!--[if !supportLists]--><span style="font-family: Wingdings; font-size: 12.0pt; line-height: 115%; mso-bidi-font-family: Wingdings; mso-fareast-font-family: Wingdings;">Ø<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal; line-height: normal;"> </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Upload
device information including its location, application, usage information,
calling and SMS history to Coolpad servers.<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">On examination of Coolpad smartphone models of
different country, researchers suspected that Coolpad smartphone come pre
installed with Coolreaper backdoor on handsets which are sold exclusively in
China and Taiwan.<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;">Coolpad is the first malware that is built and
operated by an Android manufacturer.China has been criticized many times for
its products. Six months ago another handset which was popular and also cheap,
Star N9500 smartphone came pre-installed with a Trojan that allowed
manufacturerto spy on users including personal data and conversations without
their knowledge. <o:p></o:p></span></div>
<br />
<div class="MsoNormal">
<span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; line-height: 115%;"> Their
was another allegation against the popular Chinese smartphone manufacturer,
“Xiaomi of secretly stealing users information and sending it back to a server
in Beijing.<o:p></o:p></span></div>
</div>
Sachin Jagtaphttp://www.blogger.com/profile/10570989964614746590noreply@blogger.com1