A cybersecurity research firm says “several” models of Android mobile phones forward users’ personal information to a Chinese company.
Kryptowire discovered the security issue in Android devices using a commercial firmware updating service run by Adups Technology. The phones are designed to forward information — including the “full-body of text messages, contact lists, call history with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI)” — back to Adups in Shanghai, the security firm wrote in a press release.
The affected phones also transmit data about app usage and allow Adups to install apps and run other commands without a user’s consent.
Phones using Adups include the popular BLU R1 HD sold at major retailers.