Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Mobile

    Chinese Android Smartphones From Coolpad Get Security Warning

    By
    Todd R. Weiss
    -
    December 18, 2014
    Share
    Facebook
    Twitter
    Linkedin
      security

      Coolpad smartphones sold in China and Taiwan have been found to include a factory-installed backdoor software application that can be used to download unwanted software or perform a wide range of tasks without permission from users.

      The built-in security vulnerability was revealed Dec. 17 by the Unit 42 threat research team at Palo Alto Networks in a post on the company’s security vulnerability blog. Unit 42 has named the backdoor “CoolReaper.”

      “We recently discovered that the software installed on many of Coolpad’s high-end Android phones includes a backdoor which was installed and operated by Coolpad itself,” the post states. “After reviewing Coolpad complaints on message boards about suspicious activities on Coolpad devices, we downloaded multiple copies of the stock ROMs used by Coolpad phones sold in China. We found the majority of the ROMs contained the CoolReaper backdoor.”

      The CoolReaper backdoor can download, install or activate any Android application without user consent or notification, and can clear user data, uninstall existing applications and disable system applications, according to the post. It can also notify users of fake over-the-air (OTA) updates that don’t deliver updates but instead install unwanted applications, the post added. In addition, the backdoor can send or insert arbitrary SMS or MMS messages into the phone, dial arbitrary phone numbers and upload information about device, its location, application usage, calling and SMS history to a Coolpad server, according to Unit 42.

      “We expect device manufacturers to install software on top of Android that provides additional functionality and customization, but CoolReaper does not fall into that category,” the post continued. “Some mobile carriers install applications that gather usage statistics and other data on how their devices are performing. CoolReaper goes well beyond this type of data collection and acts as a true backdoor into Coolpad devices.”

      The resulting problems have been reported by Coolpad customers in China, the post explained. “Complaints about this behavior have been ignored by Coolpad or deleted.”

      Coolpad is the sixth largest smartphone manufacturer in the world and is the third largest in China, according to Unit 42.

      “CoolReaper is the first malware we have seen that was built and operated by an Android manufacturer,” according to the post. “The changes Coolpad made to the Android OS to hide the backdoor from users and antivirus programs are unique and should make people think twice about the integrity of their mobile devices.”

      Ryan Olson, the intelligence director at Unit 42, told eWEEK in a Dec. 18 interview that evidence of the backdoor was found by another Unit 42 researcher while he was scanning Chinese user forums and spotted many reports of users who said that their phones were displaying strange behaviors.

      “He investigated, and that’s really what kicked it off for us,” said Olson. Coolpad only sells one smartphone in the United States, the Coolpad Flo, but that model does not include the backdoor vulnerability that affects the company’s phones that are sold in China and Taiwan, he said.

      “We’ve never seen this before” where a company would install an application like this before selling it to consumers, said Olson. “The code even includes statements such as ‘we are opening the backdoor.'”

      Olson said he’s not sure why the code was included, but added that the manufacturer could have rationalized it by thinking it could include a system that would display ads or download a video game for a company in exchange for some revenue. “But when they were building that system, they clearly built a lot of other capabilities into it as well,” he said. “The capability is certainly there to pretty much install anything. They may have seen it as for good, but any time you open a backdoor it is risky.”

      Buyers of any phones should know ahead of time of potential issues like this one, said Olson. “This may only include phones in China and Taiwan, but they should at least be aware of it,” he said.

      The backdoor is “contained in millions of Android devices” sold by Coolpad and is “difficult for Android antivirus programs to identify and remove this backdoor,” Unit 42 stated in a related post.

      Todd R. Weiss
      As a technology journalist covering enterprise IT for more than 15 years, I joined eWEEK.com in September 2014 as the site's senior writer covering all things mobile. I write about smartphones, tablets, laptops, assorted mobile gadgets and services,mobile carriers and much more. I formerly was a staff writer for Computerworld.com from 2000 to 2008 and previously wrote for daily newspapers in eastern Pennsylvania. I'm an avid traveler, motorcyclist, technology lover, cook, reader, tinkerer and mechanic. I drove a yellow taxicab in college and collect toy taxis and taxi business cards from around the world.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×