Spying Software Pre-installed on Chinese Star N9500 Smartphone

23 June, 2014 at 09:48 | Posted in China, espionage, IT and Media, Society

By Joshua Philipp
Epoch Times

Anyone looking for a cheap smartphone may get more than they bargained for. German security company G Data found that Chinese smartphones are being shipped with pre-installed spying software.

The Generic Star N9500 has a 5-inch screen, dual cameras, and a quad-core processor. It also comes with the Uupay.D spyware program pre-installed, which steals data from the phone and relays it back to a server in China.

“The possibilities with this spy program are almost limitless,” said Christian Geschkat, G Data’s product manager for mobile solutions, in a blog post.

The spying software can retrieve your personal data, listen to your phone calls, get your online banking data, and read your emails and text messages, and China’s hackers can remotely control your camera and microphone.

The smartphone is manufactured in China and sold on Amazon and eBay for around $159.99.

Aside from being a major invasion of privacy, the data gathered on the phone can be used by criminals for bank fraud, credit card fraud, and online scams.

The spying software is disguised as a Google Play service that runs in the background without the user’s knowledge. It can also quietly install new software.

Geschkat noted they began researching the phone after one of their customers said it triggered an alert in a computer security program.

They found the Uupay.D spying program in the phone’s firmware, the fundamental layer of code that interacts with the hardware. The Google Play icon it poses as cannot be disabled, nor can it be removed.

Geschkat said that the recipients of the stolen data, and how the data is used, are still unknowns.

via Spying Software Pre-installed on Chinese Star N9500 Smartphone – The Epoch Times


Pre-Hacked Electronics Come Straight From China’s Factories

25 November, 2013 at 16:18 | Posted in China, espionage, IT and Media, Society

A simple tea kettle could open the door to cyber crime in one’s own home

By Joshua Philipp
Epoch Times

While inspecting shipments from China, Russian customs agents found something odd. Inside several of the kettles and irons they found WiFi chips and microprocessors. If the devices were plugged in, the chips would search for unsecured WiFi networks up to 650 feet away, then “call home” to grant access to cybercriminals.

While the unusual form of cybercrime took researchers by surprise, it was only the latest example of an emerging threat: hacked electronics coming straight from Chinese factories.

There is a long list of devices riddled with backdoors, infected with malware, or fitted with spying devices before leaving Chinese factories. These range from kettles to laptops, from USB keys to cameras, and from consumer software right up to military components.

In June 2011, Hong Kong newspaper Apple Daily uncovered recording devices installed in all dual-plate Chinese-Hong Kong vehicles. They were labeled as “inspection and quarantine cards,” and were installed free of charge by China’s Shenzhen Inspection and Quarantine Bureau.

In June 2010, an auto-run virus in China-made memory cards in Olympus Stylus Tough cameras was infecting computers in Japan. The virus was uncovered just a week after an identical virus was found in the memory cards of Samsung smartphones. Prior to that were viruses in devices including China-made TomTom GPS systems, and Insignia digital picture frames sold at major outlets, including Best Buy, Target, and Sam’s Club.

While the recently discovered chips in kettles and irons were among the more bizarre cases, they were also among the least sophisticated. They only targeted WiFi networks not protected with passwords. In Russia, where the devices were found, this would have been a threat. In the United States, where most networks are protected, it wouldn’t be much of a threat.

Yet, the concern is less about the chips themselves, and instead what they could mean for the future of cyberthreats.

“This is a generation beyond what we’ve seen before,” said Chester Wisniewski, senior security advisor at cybersecurity company Sophos, regarding the spy kettles and irons.

Wisniewski said the chips were not very concerning, yet with a bit of work they could be. They could easily be programmed to bypass password-protected networks, and because they are both small and inexpensive, the recent discovery could very well be only the tip of the iceberg.

“Who’s to say these things couldn’t be put into any device on anybody’s home network,” he said. “They could be in anything you plug in. Anything that gets power, this kind of thing can be hidden inside it.”

A Hidden Threat

Greg Schaffer stood before Congress on July 8, 2011. At the time, Schaffer worked in the cybersecurity office of the Department of Homeland Security. He was asked whether there are risks of having electronics built overseas.

Schaffer tried avoiding the question. Yet when he was pressed to give a clear answer, Schaffer gave a short, yet grim response.

Schaffer said he knew of cases where foreign-made devices had been pre-installed with infected software or hardware, noting “We believe there is significant risk in the area of supply chain.”

“This is one of the most complicated and difficult challenges that we have,” he said.

Schaffer’s on-record admission of the problem was one of few. Yet, the problem of spying electronics coming out of China, in particular, is frequent and ongoing.

Some of the most common vulnerabilities are “backdoors” left in products. These can resemble programming errors left by the creators—the nature of which makes it difficult to prove whether the backdoors are intentional or unintentional.

Backdoors in Chinese routers are frequently exposed by security researcher and former NSA employee Craig Heffner. Within the last month, Heffner uncovered several backdoors in routers from Chinese manufacturer Tenda, which sells Medialink routers, as well as routers from D-Link. D-Link is headquartered in Taiwan, but its routers are manufactured in Mainland China.

Heffner told We Live Security, the blog of cybersecurity company ESET, that a Nov. 10 backdoor in D-Link routers appears to have been left deliberately.

“You can access the Web interface without any authentication and view/change the device settings,” Heffner said, noting that the access code for the backdoor was found on a Russian cybercrime forum.


The most controversial routers come from Chinese telecom companies ZTE and Huawei. The House Intelligence Committee released a report in October 2012 warning American businesses to avoid the two companies due to security risks. Similar warnings against Huawei, in particular, have been upheld by governments around the world, including in Taiwan and Australia.

“China is known to be the major perpetrator of cyber espionage, and Huawei and ZTE failed to alleviate serious concerns throughout this important investigation,” said Mike Rogers, chairman of the House Intelligence Committee, in a press release. “American businesses should use other vendors.”

Huawei has launched a public relations campaign to fire back, yet independent research has only justified concerns. Just prior to the report from the House Intelligence Committee, in July 2012, security researchers at hacker conference Defcon uncovered critical, and extremely basic, vulnerabilities in Huawei routers.

“This stuff is distrusting,” Dan Kaminsky, a well-known security researcher, told International Data Group News Service. “If I were to teach someone from scratch how to write binary exploits, these routers would be what I’d demonstrate on.”

They also noted that, in keeping with Huawei’s infamous lack of transparency, the company had no security contact for reporting vulnerabilities.

According to Wisniewski, however, the nature of the threats—and of cybersecurity, in general—makes it difficult to prove guilt.

“The problem is there’s a scarcity of truth, and there is unlimited room for speculation,” Wisniewski said. “Only the person who wrote the code knows.”

via Pre-Hacked Electronics Come Straight From China’s Factories » The Epoch Times
