SmartPhone BackDoor: Infinix, Blu, Others Chinese Phone Secretly Send Your Data To China - Techpill - Tech Tips, News And More


Tuesday 22 November 2016

SmartPhone BackDoor: Infinix, Blu, Others Chinese Phone Secretly Send Your Data To China

A few weeks ago, a report hit the internet on how millions of budget Chinese smartphones secretly send user data (call logs, location history, messages) straight to China, and a BLU phone was mentioned in that smartphone backdoor scandal. This time, another smartphone backdoor has been spotted in over three million smartphones produced in China, a backdoor that leaves users at risk.

The smartphone backdoor was discovered by AnubisNetworks, a group of researchers, whose analysis shows that the problem is caused by an unsecured OTA update mechanism from Ragentek Group, a Chinese software company that provides Over-The-Air updates for different OEMs.

Two unregistered domains are hard-coded into these devices and are contacted during OTA updates; anybody could have taken advantage of this by registering the domains and initiating a widespread attack on millions of smartphones. Using an unencrypted channel for OTA updates not only leaves the device vulnerable to attacks, but specific user information can also be intercepted in transit. According to the report:

This analysis revealed two critical discoveries: Firstly, the vulnerability described above allows for users to be subjected to significant attacks in positions where an adversary can perform a Man-in-the-Middle attack. Secondly, this OTA binary was distributed with a set of domains preconfigured in the software. Only one of these domains was registered at the time of the discovery of this issue. If an adversary had noticed this, and registered these two domains, they would’ve instantly had access to perform arbitrary attacks on almost 3,000,000 devices without the need to perform a Man-in-the-Middle attack. AnubisNetworks now controls these two extraneous domains to prevent such an attack from occurring in the future for this particular case.

Having said that, the affected OEMs include Infinix, BLU, Doogee, XOLO, Leagoo, and some unnamed "Others".
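
The two weaknesses described above, a plaintext OTA channel and preconfigured update domains that nobody had registered, are things an OEM or auditor can check for in an updater binary before it ships. The following is an added example, not code from AnubisNetworks, Ragentek, or the original post; the sample bytes, the `.example` hostnames, and the function names are constructed for illustration, and a name that fails to resolve is only a hint that it may be unregistered.

```python
import re
import socket
from urllib.parse import urlsplit

# Constructed sample: bytes standing in for strings found in an OTA updater binary.
# The hostnames are placeholders, not the domains from the AnubisNetworks report.
SAMPLE_BLOB = (
    b"\x00\x01ELF\x00http://ota-primary.example/update/check\x00\x7f"
    b"\x02http://ota-backup1.example/update/check\x00"
    b"\xffhttps://ota-backup2.example/update/check\x00pad"
)

# Scheme, hostname, and an optional path made of printable ASCII.
URL_RE = re.compile(rb"(https?)://([A-Za-z0-9.-]+)(/[\x21-\x7e]*)?")

def system_resolves(host):
    """Default resolver: True if the name currently resolves via the system DNS."""
    try:
        socket.getaddrinfo(host, None)
        return True
    except socket.gaierror:
        return False

def audit_ota_endpoints(blob, resolves=system_resolves):
    """Return one finding dict per distinct update URL embedded in blob."""
    findings = []
    seen = set()
    for match in URL_RE.finditer(blob):
        url = match.group(0).decode("ascii")
        if url in seen:
            continue
        seen.add(url)
        parts = urlsplit(url)
        issues = []
        if parts.scheme != "https":
            # Plaintext channel: update traffic can be read or altered in transit.
            issues.append("plaintext-transport")
        if not resolves(parts.hostname):
            # Heuristic only: confirm registration status with WHOIS/RDAP.
            issues.append("unresolvable-host")
        findings.append({"url": url, "host": parts.hostname, "issues": issues})
    return findings

if __name__ == "__main__":
    # Stand-in resolver so the demo runs offline: only the primary host "exists".
    fake_dns = {"ota-primary.example"}
    for f in audit_ota_endpoints(SAMPLE_BLOB, lambda h: h in fake_dns):
        print(f["url"], "->", ", ".join(f["issues"]) or "ok")
```

Any endpoint flagged `unresolvable-host` should either be registered by the vendor or removed from the build, and any `plaintext-transport` endpoint moved to an authenticated, encrypted channel.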
