CATEGORIES
home News

Chinese OEM Coolpad Installed 'Coolreaper' Backdoor Software On Millions Of Smartphones

by Brandon HillThursday, December 18, 2014, 12:30 PM EDT

Chinese OEMs are stepping up their game in the smartphone sector. Companies like Huawei and Xiaomi have bolstered their share of the market, with the latter booting Samsung out of first place in China. One Chinese OEM, however, is looking to expand its presence in the smartphone world while at the same time partaking in nefarious acts.

Palo Alto Networks has discovered that Chinese OEM Coolpad has been installing a backdoor called “CoolReaper” on the millions of smartphones that it sells around the globe. Coolpad has taken additional steps to ensure that its CoolReaper backdoor goes undetected by widely available antivirus programs for the Android operating system.

Palo Alto Networks’ investigation found that CoolReaper was installed on 24 distinct smartphone models sold by Coolpad, which leaves over 10 million customers open to attacks by malicious third-parties.

coolpad metropcs

“The CoolReaper backdoor detailed in this report goes well beyond what users might expect, giving Coolpad complete control over the affected devices, hiding the software from antivirus programs, and leaving users unprotected from malicious attackers,” stated Palo Alto Networks’ Ryan Olsen.

The wide-ranging access granted by CoolReaper includes the ability to download, install, and activate any Android app without user intervention; dial random phone numbers; disable system services and user applications; and upload device information and app usage to Coolpad servers.  And this is just the tip of the iceberg; CoolReaper is capable of inflicting even more damage to a customer’s smartphone.

Other capabilities of CoolReaper include functionality that allows it to push fake over-the-air (OTA) updates to devices and the capability to send or insert arbitrary SMS/MMS messages onto a smartphone.

Not surprisingly, Coolpad has failed to respond to all requests by Palo Alto Networks for comment on CoolReaper. Coolpad needs to be held accountable for these accusations and if true, customers should respond by taking their business elsewhere as this is a serious breach of consumer privacy.

In addition to the blog posting discussing the matter, Palo Alto Networks has also posted a new report entitled “CoolReaper: The Coolpad Backdoor” which you can view here.

Tags:  smartphone, security, China, backdoor, coolreaper, coolpad, (nyse: panw)
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment