back to article CoolReaper pre-installed malware creates backdoor on Chinese Androids

Security researchers have discovered a backdoor in Android devices sold by Coolpad, a Chinese smartphone manufacturer. The “CoolReaper” vuln has exposed over 10 million users to potential malicious activity. Palo Alto Networks reckons the malware was “installed and maintained by Coolpad despite objections from customers”. It' …

  1. Neil Alexander

    Ironic

    ... given how paranoid the Chinese are about backdoors in US and EU kit.

  2. Destroy All Monsters Silver badge
    Trollface

    Mister Wong recommends...

    "CE" now no longer means "China Export" but "CoolReaper Enhanced"

  3. ThatGuy

    Click bait much?

    A more accurate title would be: "Obscure Chinese phone manufacturer installs malaware on devices." Where did you study journalistic integrity, law school?

    1. Tom Samplonius

      Re: Click bait much?

      "Obscure Chinese phone manufacturer installs malaware on devices."

      Right. That is why CoolPad why a website @ http://coolpadamericas.com/ that lists a north american toll-free number and three US physical locations. Oh, and CoolPad is in the EU too. If CoolPad is obscure, what does that make Nokia?

  4. PNGuinn
    Flame

    Image Analysis...

    John - did YOU choose thst image? If so you need help.

    If not - PLEASE find out who did and offer him / her / it some help - preferably with a cattle prod.

    Seriously - I'm sure not everyone has unlimited bandwith to waste on Heroney Mouse on a bad day.

  5. LDS Silver badge

    That's why pre-installed, customizable OS are a risk.

    Devices where the OS comes preinstalled and customized by a manufacturer are always a risk - and it doesn't matter where the device comes from.

  6. Alan Denman

    marketing ?

    So are you going to market the 'Apple backdoor' too ?

  7. Anonymous Coward
    Anonymous Coward

    Not just a Chinese problem

    They sell Coolpad phones and tablets in Walmart here in the states.

  8. razorfishsl

    So what is new

    This is nothing new.

    I worked with a number of Chinese manufacturers on the development of tables

    Nearly all Chinese devices come with backdoors and malware already installed by the manufacturers.

  9. waynep

    They make phones for Vodafone, in particular that cheap 4G Android phone they've been advertising very heavily recently.

    1. Anonymous Coward
      Anonymous Coward

      Checking...

      A relative of mine has bought (actually got bounced by a Vodafone salesman into buying) a "Vodafone Smart 4 turbo" phone, which does indeed bear the name of Yulong, the manufacturers with the Coolpad brand, model number 889N.

      I registered with Palo Alto Networks in order to find out which files are diagnostic:

      "...components are contained in

      packages with the following file names:

      • /system/app/CP_DMP.apk

      • /system/app/CP_DMP.odex

      • /system/app/GoogleGmsFramework.apk

      • /system/app/GoogleGmsFramework.odex

      • /system/lib/libgmsframework.so"

      I can confirm that, in this specimen of Smart 4 turbo, none of those files are visible in the 'ES File Explore' file manager app; the report doesn't say that the files are hidden or anything, so I am cautiously concluding that the phone is not carrying the CoolReaper backdoor.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021