More Backdoors Found in Low-Cost Android Devices

About 2.8 million Android devices have a vulnerability in the over-the-air update system that would allow attackers to install and configure applications, according to researchers.

The problem lies with software made by Chinese company Ragentek Group, which exposes user information through unencrypted communications and is susceptible to man-in-the-middle attacks, according to a Threatpost report. The software appears in about 55 identified device models, including those made by brands BLU Products, Infinix Mobility and others.

AnubisNetworks, which disclosed the vulnerability Nov. 17, also said devices out of the box attempted to contact two unregistered domains. The researchers said if attackers registered the domains, they could have accessed the nearly 3 million devices without using a man-in-the-middle attack.

Security firm Kryptowire last week discovered code in some Android smartphones that send full texts, call logs, contact lists and location details to Chinese servers, according to The New York Times. The code, written by Shanghai Adups Technology Company, appears in 700 million devices around the world, though this version was designed to help a Chinese manufacturer monitor user behavior, the report said. BLU Products said the software affected 120,000 of its phones and has since updated the software.