Leak in management gave hacker remote access to Coolpad smartphones




A leak in a tool that was meant only as Coolpad for “internal test” contained a leak, so attackers could take over potentially millions Coolpad smartphones. The tool would have been accidentally firmwares appliances.

The tool can perform include updates of applications on the phone, dial random numbers, send text messages and fake open remote URLs. Thus, it was thanks to the leak in theory possible to retrieve data from the smartphone and take the aircraft completely. The leak is 20 November by a Chinese hacker reported on a Chinese site for responsible disclosure, but is only now coming to the attention by a report from security company Palo Alto Networks on the subject. The leak seems poem yet, despite Coolpad confirmed the leak last month.

The tool, which has been named Cool Reaper Palo Alto Networks is according to a spokesman for Coolpad intended for internal use, reports the Chinese news Aqnui. That statement does not seem conclusive: past year, various users of Coolpad smartphones ads as notification had pushed through the system. The tool is not in any firmware Coolpad smartphones, which it seems no necessity or standard part of the firmwares.

All manufacturers have testing tools for internal use, which they have extensive access on smartphones. Also, manufacturers on models sold to consumers systems are to push eg over-the-air updates and to read from a distance with problems where the error might have gone. The manner in which Coolpad do, namely, with the possible not to let them know to the user, is unusual.

Coolpad supplies are devices almost exclusively in China, where it has sold millions of possible devices according to Palo Alto Networks with the Cool Reaper tool in the firmware. How many users now have the tool in their firmware sit have is unknown. Coolpad is the sixth largest smartphone maker in the world.


In: Technology & Gadgets Asked By: [15585 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »