Chinese smartphones take user data around the world

September 18, 2021 13:43 GMT+7

From low-cost budget smartphones to high-end models, Chinese phones have traditionally taken user data around the world to send to manufacturers in China.

In 2016, the New York Times reported that with just a 50 USD ‘made in China’ phone, all user messages would be sent back to China every 72 hours. A US manufacturer said that more than 120,000 customers’ phones were affected by this issue, and had to conduct a software update to remove the ‘hidden’ feature. These phones that collect user information include both Huawei and ZTE

After a while, security service provider Secure-D discovered another more serious case in 2020. According to Secure-D, smartphones of Tecno in Shenzhen (China) were pre-install spyware on your computer.

Tecno’s phone was discovered to have stolen user data.

With two malware called xHelper and Triada pre-installed on the Tecno W2, Secure-D detected more than 844,000 fraudulent transactions made between March and December 2019. These models are mainly sold in Africa, Indonesia and India.

Also around this time, exclusively answering Forbes, two security researchers Gabriel Cirlig and Andrew Tierney said, Xiaomi still collects user’s surfing data even in incognito mode. This data includes all URLs and search queries made on Mi Browser Pro and Mint Browser. Up to that point, these two apps had more than 15 million downloads on the Google Play Store.

Xiaomi has denied this research, although it has since quietly updated the aforementioned browsers to new versions and stopped collecting user data when browsing in incognito mode.

With such immortal achievements, it is not surprising that in May, PCMag newspaper discovered a ‘made in China’ phone that sent data to the place of manufacture. It’s a $84.99 Jethro SC490, sold in the US and Canada, but sends location and Wi-Fi data back to China.

Chinese smartphones take user data around the world
A cheap phone made in China for sale on Amazon is also taking US user data.

Notably, Jethro is a small Canadian company that orders phones to be manufactured in China and customized to sell in the North American market. This prompted PCMag to continue investigating with other similar companies and discovered the vulnerability was in the Chinese GPS service provider and OTA update service provider. North American manufacturers then had to remove this ability to collect user data by updating the software themselves (firmware) for customers.

In addition to phones, Chinese applications also have many notoriety in collecting user data, among which are the applications of Cheetah Mobile in Beijing (China) that have grown with more than 1 billion times. download on Google Play Store.

Therefore, users need to exercise extreme caution when using Chinese phones and agree to grant access to Chinese apps.

Phuong Nguyen (synthetic)

Chinese hackers attack 5 Southeast Asian carriers

Chinese hackers attack 5 Southeast Asian carriers

According to security firm Cybereason, at least five Southeast Asian telecommunications service providers have been attacked by Chinese hacker groups over the years.


Leave a Reply

Your email address will not be published. Required fields are marked *