Catalin Cimpanu, writing for BleepingComputer: Many Android users may still have a backdoor on their device, according to new revelations made today by the Malwarebytes’ mobile security research team. Their discovery is related to the Adups case from last year. Back in mid-November 2016, US cyber-security firm Kryptowire revealed it discovered that firmware code created by a Chinese company called Adups was collecting vasts amount of user information and sending it to servers located in China. According to Kryptowire, the backdoor code was collecting SMS messages, call history, address books, app lists, phone hardware identifiers, but it was also capable of installing new apps or updating existing ones. The backdoor was hidden inside a built-in and unremovable app named com.adups.fota, the component responsible for the phone’s firmware-over-the-air update (FOTA) system.
Read more of this story at Slashdot.