AdUps Chinese spyware still on Android phones, including Blu

JC Torres - Jul 27, 2017, 9:47pm CDT

They say good things never last and bad things last for ages. That seems to be the case with AdUps, a Chinese “technology firm” that was blatantly installing spyware on countless Android smartphones worldwide. Despite being involved in a scandal that even got the US Homeland Security’s attention, AdUps’ operation continues and its spyware still infects entry-level and budget smartphones, even Blu Products’ own, which was at the heart of that scandal.

AdUps isn’t new to the scene and the fact that it has survived two major exposés is rather disturbing. Back in 2015 it was already linked to Indian OEM Micromax, which was reported to be remotely installing bloatware using AdUps’ software. Without user knowledge, much less consent, of course.

Things really came to a head when it was discovered that AdUps’ software was also in Blu Products’ affordable unlocked Android phones. Now, while AdUps is actually on many such phones, the fact that the spyware was sending user data to a command and control center in China raised all sorts of red flags for the US government. Blu quickly tried to distance itself and promised to remove all traces of AdUps from its phones. Sadly, that doesn’t seem to be the case.

According to Kryptowire’s Ryan Johnson, who broke that news last year, some of Blu’s phones still use AdUps’ software. In fact, the spyware can still be found in many Android smartphones around the world. AdUps provides a firmware updater that these phones use instead of Google’s official updater, mostly because the small companies that sell phones at $50 to $100 a pop can’t afford to go through Google’s certification process.

Sadly, it is the user that pays the ultimate price. AdUps siphons all kinds of personal data from the user’s phone, including text messages, numbers, location, and more. It can detect if a phone is rooted or not, but that might not really matter because AdUps can also remotely install applications without user permission. These pieces of data are sent to a C&C server in China, ready to be given or sold to the highest bidder.

Blu and a few OEMs took immediate action last year because the US government got involved. The scenario this time might be a bit different and things might get swept under the rug. And even when AdUps itself scaled down its data harvesting, it was only too easy for it to scale back up again. Because as long as there are OEMs willing to make compromises to save on costs this way, AdUps will never run out of customers, or data to pilfer.

VIA: Cyberscoop
