Site icon LIFARS, a SecurityScorecard company

Some Smartphones Come Preinstalled with Chinese Spyware

LIFARS

This week seems to be all about smartphones. Unfortunately, we have to report on more bad news. This time it’s about spyware that comes preinstalled on a number of Android smartphones, including SONY and HTC.

The Hacker News reported today that some users noticed a suspicious folder on their phone named Baidu (for those not aware, Baidu is sort of a Chinese Google). Users are unable to delete or otherwise modify the folder directly from the device, because it instantly recreates itself. While the folder is suspicious, what really concerned everyone were the pings made to a Chinese server in Beijing.

According to the Hacker News, with the help of that Baidu folder, the Chinese Government can do the following:

This spyware was found mostly on Sony Xperia Z3 and Z3 Compact devices, as well as a few other Sony models. Some users of HTC are reporting that they also have the Baidu folder on their phones.

To prevent this service from connecting to the Chinese servers, you can take the following steps (credit: Xperia Blog):

  1. Go ahead and backup anything you need and factory reset.
  2. Remove your SIM card before powering back up.
  3. Skip through the initial setup options without connecting to a network.
  4. Open up Settings > Apps > Running and Force Close the two myXperia apps.
  5. Use the File Commander app and delete the Baidu folder from the internal storage.
  6. Open up Settings > About Phone > Tap the Build Number 7 times to enable developer mode.
  7. Enable USB debugging in the Developer Settings.
  8. Plug the Z3/Z3c into your PC and open up a command window with adb.
  9. Enter the following lines into the command window:

adb shell
pm block com.sonymobile.mx.android
exit
reboot

 

Exit mobile version