OVER 10 MILLION USERS AT RISK
Researchers from Silicon Valley online security firm Palo Alto Networks discovered the backdoor, dubbed "CoolReaper," pre-installed on two dozens of Coolpad Android handset models, including high-end devices, sold exclusively in China and Taiwan. The backdoor can let attackers completely hijack users' Android device by gaining access to their device information and functions.
The backdoor presents several privacy and security risk, and is believed to impact over 10 million users worldwide. The security firm released a research paper Wednesday detailing its investigation on the backdoor software, called CoolReaper.
FEATURES OF COOLREAPER BACKDOOR
According to Ryan Olson, intelligence director at Palo Alto, CoolReaper backdoor can perform a wide number of unsolicited tasks. The backdoor has ability to:
Download, install and activate any Android application without the user's consent or notification
Connect to a number of command and control (C&C) servers
Clear user data, uninstall existing applications, or disable system applications
Send fake over-the-air (OTA) software updates to devices that install unwanted applications
Send or insert arbitrary SMS or MMS messages into the phone
Dial arbitrary phone numbers
Upload device information, its location, application usage information, calling and SMS history to Coolpad server
Researchers obtained only one of the Coolpad smartphone models sold in the U.S. and did not find CoolReaper on the device. So, they suspected that the CoolReaper backdoor comes pre-installed only on Coolpad handsets sold in China and Taiwan.
