Backdoor: Infinix, Blu, Others Chinese Phone Secretly Send Your Data To China - Phones - Nairaland
Nairaland Forum / Science/Technology / Phones / Backdoor: Infinix, Blu, Others Chinese Phone Secretly Send Your Data To China (740 Views)
Chinese Phone Makers Force Samsung To Delay Release Of Galaxy Note 9 / 10 Cheap Chinese Phone That Look Like Samsung Galaxy S8 / Glo Offers Full Day Of Free Data To Customers (2) (3) (4)
(1) (Reply)
| Backdoor: Infinix, Blu, Others Chinese Phone Secretly Send Your Data To China by TechPill: 2:01pm On Nov 22, 2016 |
Few weeks ago, a report hit the internet on how millions of budget Chinese smartphones secretly send users data; call logs, locations history, messages straight to China. And a BLU phone was mentioned in the smartphone backdoor scandal. But this time, another smartphone backdoor has been spotted with over three millions smartphones that are produced in china, A backdoor that leaves users at risk. The smartphone backdoor was discovered by Anubis networks - Some group of researchers, shows that the problem is caused by unsecured OTA update carried out by Ragentek Group, a Chinese software company that provides Over-The-Air update for different OEMs. Two unregistered domains are coded into these devices, in which they are contacted during OTA update and anybody could have taken advantage of this, register the domains, and initiate a widespread attack over millions of smartphones. Using un-encrypted channel for OTA update not only leaves the device vulnerable to attacks but a specific user information can also be hijacked during transport. According to the report This analysis revealed two critical discoveries: Firstly, the vulnerability described above allows for users to be subjected to significant attacks in positions where an adversary can perform a Man-in-the-Middle attack. Secondly, this OTA binary was distributed with a set of domains preconfigured in the software. Only one of these domains was registered at the time of the discovery of this issue. If an adversary had noticed this, and registered these two domains, they would’ve instantly had access to perform arbitrary attacks on almost 3,000,000 devices without the need to perform a Man-in-the-Middle attack. AnubisNetworks now controls these two extraneous domains to prevent such an attack from occurring in the future for this particular case. Having said that, OEMs affected includes Infinix, BLU, Doogee, XOLO, Leagoo, and some Unnamed "Others" You think Your Android is Safe? use the comment box below Source: http://www.techpill.net/2016/11/smartphone-backdoor-infinix-blu-others.html seun, lalasticlala, mynd44 [img]http://4.bp..com/-LSCRsBN8LUc/WDQ68tIneyI/AAAAAAAABYY/SPNyMYRIcGcvGKWG0YWvymjjEK6XW9V-gCK4B/s1600/smartphone-backdoor.jpg[/img] |
| Re: Backdoor: Infinix, Blu, Others Chinese Phone Secretly Send Your Data To China by TechPill: 2:02pm On Nov 22, 2016 |
What's your say? |
(1) (Reply)
Could BBM Make A Strong Comback? / 8 Features That Make Your Android Phone Extra Smart / See How A Nairalander Detected A Fake Infinix Note 3
(Go Up)
| Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 11 |