So, begins Sam Skontos, vice-president and regional managing director South-east Asia and Pacific, for Alcatel – not one of the Chinese smartphone makers caught receiving sensitive data from its smartphone users. (iTWire article here).
Skontos was in full flight or is that full fight. “We work so damned hard to establish a Chinese brand in Australia and do absolutely the right thing. Then some Chinese manufacturers come into the markets, do not disclose this type of activity to anyone including industry stakeholders, and show no regard whatsoever for consumer security and privacy laws, until of course they are caught out.
“The damage has been done, and questions need to be asked about why this spyware was on their handsets in the first place,” he fumed. “Alcatel and its parent company, TCT Mobile, has no relationship with Adups and has no such firmware on any of its devices," he added.
For the record Alcatel/TCT Mobile conducts their Firmware Over The Air (FOTA) updates through its own in-house servers, not through third-party suppliers.
Skontos softens a little and cautions, “Do not tar all Chinese companies with the same brush. Alcatel has a significant local presence and works hard to localise every single device. You will not find any such spyware on our devices because we respect our customers and the right to strictly protect their privacy and security. The responses so far from those companies named should only worry consumers and authorities more.”
Spyware found and used by Adups Technology on behalf of various Chinese manufacturers was analysed by Kryptowire.
These devices actively transmitted user and device information including the full-body of text messages, contact lists, call history with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI).
The firmware could target specific users and text messages matching remotely defined keywords. The firmware also collected and transmitted information about the use of applications installed on the monitored device, bypassed the Android permission model, executed remote commands with escalated (system) privileges, and could remotely reprogram the devices.
The firmware that shipped with the mobile devices and subsequent updates allowed for the remote installation of applications without the users' consent and, in some versions of the software, the transmission of fine-grained device location information.
Some handsets transmitted the body of the user's text messages and call logs to a server in located in Shanghai. All of the data collection and transmission capabilities identified were supported by two system applications that cannot be disabled by the end user.
There is a good article here on how to identify and remove the Adups software using “Debloater”.