The Coolpad Flo Android phone.
Bad news for China: Some of the country's favorite Android phones may be compromised from the moment they come off the shelf. Many models of Coolpad phones, which is big in China and Southeast Asia and is sold to North American customers in online stores, may contain a backdoor known as "Coolreaper," which can let attackers hijack the device from top to bottom.
The information comes from Santa Clara, California-based Unit 42, a subdivision of Palo Alto Networks, which focuses on online security. Unit 42 released a lengthy report on the Coolreaper phenomenon and explained how the backdoor can exploit consumers, both in China and overseas, even if they take all the right security precautions with their phones.
As described in the report, Unit 42 discovered that many Coolpad phones sold in China came with the Coolreaper backdoor pre-installed. If hackers take advantage of this flaw (and it's very easy to do), they can download and install whatever software they choose, erase user data, send and receive text messages, make phone calls and copy any and all information on the phone to a remote server.
The bad news is that the flaw does not appear isolated to one particular model of phone, meaning that Coolreaper is very much a systemic vulnerability. As such, Unit 42 theorizes that Coolreaper may have been developed by Coolpad itself, and may be using it to fleece its customers. Why Coolpad would want to jeopardize its reputation like that is anyone's guess.
If you own a Coolpad phone, your best bet may be to wipe the existing Android build and replace it with the stock Android OS straight from Google — or sell it to someone who will.
Because Coolreaper exists in the most fundamental levels of the phone's operating system, it's extremely hard to get rid of otherwise. Even if you do, there's nothing preventing Coolreaper using data it's already acquired from you to install new malware on your device to continue monitoring you.
In June of this year, a different brand of Chinese-made Android phone was found to be pre-loaded with spyware, and a month later, a brand of Chinese-made commercial-inventory barcode scanners were as well. As always, be careful what you store on your phone and run an antivirus sweep now and then.
- Blackphone Review: All-Encompassing Security
- Norton Security 2015 Review: One Size Fits All
- Mobile Security Guide: Everything You Need to Know