Chinese Coolpad devices open to abuse through dodgy backdoor

18 Dec 2014

Certain Coolpad Android devices, sold largely in China and Taiwan, are quite vulnerable to “malicious abuse” through their backdoor system, claims Palo Alto Networks.

In-house software installed on many high-end devices made by the tech giant – Coolpad is the sixth largest manufacturer of smartphones in the world – appears to allow for the download, installation or activation of any Android application, without user consent or notification.

In a remarkable piece of research, Palo Alto Networks investigated the devices following a review of message board complaints about suspicious goings-on with Coolpad smartphones.

Named ‘CoolReaper’, the backdoor flaw is found on many of Coolpad’s devices, and it can cause some really worrying issues for users. Palo Alto found six key tasks which the CoolReaper software can do, all of which should scare the hell out of owners.

Palo Alto Networks’ report on CoolReaper

Not only can it install apps without your consent, but it can also clear your data, uninstall apps, send SMS or MMS messages into the phone, dial numbers and upload info about the device and your use of it to a Coolpad server.

According to the report, Coolpad modified the Android OS used on many of its devices, tailoring it to “hide CoolReaper components from the user and from other applications operating on the device. These modifications make the backdoor much more difficult for antivirus programs to detect.”

Last month the vulnerability was finally identified, with Palo Alto claiming that this is the first malware that it has seen built in, and operated by, an Android manufacturer.

Many smartphone operators pre-install software on smartphones; this is nothing new, as it helps manufacturers monitor what works and what doesn’t, “but CoolReaper has functionality well beyond what a user would expect.”

“The fact that the CoolReaper management interface could be hijacked by malicious attackers through a vulnerability helps highlight the danger of pre-installing this type of backdoor program.”


Gordon Hunt was a journalist with Silicon Republic