There are widespread security concerns for Android users over a new backdoor security breach. Reports of compromised security show that information transmitted over such devices is sent to China. To say this is risky would be an understatement so businesses and users using Android phones must understand and take appropriate security measures to protect themselves and their organization’s data.
Firmware and software from different companies are used to make Android devices. AdUps in Shanghai China is one such company whose software is present in many devices. Revelations are that 700 million or more Android devices are secretly sending data to AdUps every 72 hours. This includes personal and business information like phone call lists, contact lists, and text messages. This was first reported in the New York Times suggesting that devices in the U.S are most vulnerable but you should worry even if you don’t live here. The company allegedly provides software to larger handset manufacturers like Huawei which have a global footprint. Besides sending your contact information, the software can also update and install software on your device without your knowledge. They are also capable of identifying your location and can track app data not to mention the fact that it could easily reprogram your device.
This was discovered by Kryptowire, a security company whose specialty is the detection of potential risks or breaches. They revealed that many devices contain firmware by AdUps but this is unknown to Android users. The software covertly sends personal, privileged information to a server in China for unclear reasons. In their defense, AdUps claim that this software was developed specifically for a client that needed to track such information for purposes of monitoring customer service and satisfaction. It has since been established that the secret backdoor is intentional but U.S. authorities are yet to figure out whether this was solely for advertising or a well laid out government surveillance scheme.
However, Kryptowire found it on other products designed for another client and worry that it might affect others who work with AdUps. Data leaks to other companies and countries is particularly dangerous for businesses and individuals alike. Backdoor access not only leads to data being transmitted to AdUps but it also gives leeway for other people to take advantage and control over a device without the knowledge or permission of its owner.
It is unfortunate that users can’t remove or disable this backdoor but companies are trying hard to patch the situation. Google is frantically trying to catch up with these findings and those affected, to shut down the backdoor access. This is to them the only way of protecting user data on Android devices across the globe. ZTE-a popular handset manufacturer- came out to clarify that their devices don’t contain this software and that they are hard at work to guarantee users’ privacy. If you are concerned that your corporate devices might be affected, quickly contact us and we can discuss your risk. This data breach is significant as there is no telling whether you are in control or not and there could be huge losses arising from your information landing in the wrong hands.