TechAdvisory.org

Technology Advice for Small Businesses

Android users’ information at risk?

2016november29_android_cAndroid users may have been inadvertently exposed to a major data breach that could have tracked and transmitted a vast amount of information and data from Android devices to hubs and users in China. Some of this data includes call histories and text messages, and various other data that most users would prefer be kept private. If you are an Android user, it is vital that you learn the details about this data breach and how it may affect you.

Android devices are made with various software and firmware from a variety of companies. One company that creates firmware and software for numerous companies around the world is known as Adups, a Chinese company based in Shanghai. One of the features of the offerings is that the firmware or software automatically sends data back to Adups every 72 hours. The data sent includes information like contact lists, phone call lists, and text messages.

A company known as Kryptowire, a security firm that specializes in detecting potential risks and breaches, found that the firmware developed by Adups may have been installed on a wide array of Android devices, unbeknownst to consumers that purchased the products. Adups, for its part, claims that the software was developed for a specific client that needed to track such information to determine customer service and satisfaction.

Even if the software was designed only for one specific client, Kryptowire found it on the product of at least one other Adups client and has concerns that other companies and devices that work with Adups may also be affected. The leaking of data to Adups or other companies and persons in China (or anywhere in the world) represents a huge security risk for both business and individual Android product users. The backdoor access to the device does not just let data get transmitted to Adups but makes it possible for someone to access and take control of the device without the Android device owner knowing or allowing the access.

As of yet, Google is attempting to catch up with Kryptowire’s findings and the known affected clients to try to close this backdoor access and keep user data as safe and secure as possible. Contact us for further information or to find out whether your device is one of those known to be affected by this significant and worrisome data breach.