‘Several’ Android phones transmit personal information to China

A cybersecurity research firm says “several” models of Android mobile phones forward users’ personal information to a Chinese company.

{mosads}Kryptowire discovered the security issue in Android devices using a commercial firmware updating service run by Adups Technology. The phones are designed to forward information — including the “full-body of text messages, contact lists, call history with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI)” — back to Adups in Shanghai, the security firm wrote in a press release.

The affected phones also transmit data about app usage and allow Adups to install apps and run other commands without a user’s consent.

Phones using Adups include the popular BLU R1 HD sold at major retailers.

The Adups website claims that more than 700 million devices worldwide rely on its updating service.

According to The New York Times, Adups informed BLU that it had designed a system to provide the backdoor access to phones and harvest personal information for a Chinese phone manufacturer that wanted to keep tabs on its users.

It was not, said Adups’ written explanation reviewed by the Times, meant for United States distribution.