20 Dec Backdoor Still Present in Many Android Devices
Last Tuesday, the Malwarebytes security research team warned that most Android devices will probably still have a backdoor which may send back sensitive data to servers in China.
The team said that the backdoor is an unremovable app made by a Chinese developer called Adups, which is also responsible for the backdoor app discovered by Kryptowire in November 2016. The backdoor firmware code harvests SMS messages, call history, address books, app lists, phone hardware identifiers, and can also install new apps or updating existing ones.
The new unremovable backdoor app was identified as “com.adups.fota.sysoper” or “com.fw.upgrade.sysoper”, which appear in the phone’s app list as “UpgradeSys” (FWUpgradeProvider.apk) It is found mostly on low-end Android phones.
Source: Bleeping Computer