Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Chinese Android phone maker hides secret backdoor on its devices

Gregg Keizer | Dec. 18, 2014
Coolpad's backdoor installs apps and tracks customers without their knowledge, say U.S. security researchers.

Palo Alto was able to obtain only one Coolpad smartphone -- one of the models sold in the U.S. -- and did not find CoolReaper on the device. Olson suspected that only the Chinese models were fitted with the backdoor.

But he was certain this was more than an oversight, more than the usual Android malware that has been planted on some smartphones at some point in the supply chain.

"This would be a very amazing infiltration of Coolpad's systems by a rogue insider," said Olson. "And it's been going on for over a year, since October 2013." Other clues, he said, included CoolReaper's surreptitious behavior -- it hides itself from the operating system -- and the use of the word "backdoor" in its source code.

Coolpad did not immediately reply to a request for comment.

Palo Alto's CoolReaper research paper can be downloaded from the firm's website (registration required).

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.