Home / News I have a News Tip

Several Models of Android Devices Discovered Collecting and Transmitting Sensitive Personal Data

Several models of Android mobile devices discovered containing firmware that collect sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users' consent. The report comes from mobile application security and intelligence firm, Kryptowire — an offshoot of Defense Advanced Research Projects Agency (DARPA) and the Department of Homeland Security. From the report: "These devices actively transmitted user and device information including the full-body of text messages, contact lists, call history with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI). The firmware could target specific users and text messages matching remotely defined keywords. The firmware also collected and transmitted information about the use of applications installed on the monitored device, bypassed the Android permission model, executed remote commands with escalated (system) privileges, and was able to remotely reprogram the devices."

Related topics: Malware, Privacy

 
   

Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

DNS Security

Sponsored by Afilias

Mobile Internet

Sponsored by Afilias Mobile & Web Services

Cybersecurity

Sponsored by Verisign

IP Addressing

Sponsored by Avenue4 LLC

Promoted Posts

Buying or Selling IPv4 Addresses?

ACCELR/8 is a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman that enables organizations buying or selling blocks as small as /20s to keep pace with the evolving demands of the market by applying processes that have delivered value for many of the largest market participants. more»

Industry Updates – Sponsored Posts

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Defending Against Layer 7 DDoS Attacks

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Is Your TLD Threat Mitigation Strategy up to Scratch?

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

The Framework for Resilient Cybersecurity (Webinar)

2015 Trends: Multi-channel, Streaming Media and the Growth of Fraud

Protect Your Privacy - Opt Out of Public DNS Data Collection

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Introducing the Verisign DNS Firewall

TLD Security, Spec 11 and Business Implications

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

Afilias Supports the CrypTech Project - Ambitious Hardware Encryption Effort to Protect User Privacy

Verisign iDefense 2015 Cyber-Threats and Trends

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains