
charlesarthur : bluebox   2

How Bluebox fell for a counterfeit Xiaomi Mi 4 to claim it came with pre-installed malware » BGR India
Rajat Agrawal:
Over the past few days, a little known but well funded mobile security firm, Bluebox, published a report claiming Xiaomi was pre-installing malware on its Mi 4 smartphone. The report also claimed that Xiaomi was shipping the Mi 4 with a rooted ROM and came pre-installed with tampered versions of popular benchmarking apps. It also claimed that Xiaomi’s own identifier app showed that the phone was a legitimate Xiaomi product, raising questions on the security of products made by one of the fastest rising smartphone brands in South East Asia. However, as it turns out, the smartphone Bluebox had acquired through an unofficial source in China was nothing more than a sophisticated counterfeit. But how did a startup, with $27.5 million in funding from Andreessen Horowitz, Tenaya Capital, and Andreas Bechtolsheim fall for a counterfeit product?


Because it was fake, and they didn't twig it.
xiaomi  bluebox  security 
march 2015 by charlesarthur
Popular Xiaomi phone could put data at risk » Bluebox Security
There's a big asterisk on this one, but first read what Andrew Blaich found:
We ran several of the top malware and antivirus scanners on the Mi 4 to determine if any questionable apps came pre-loaded on the device. We used several scanners to compile a comprehensive list as some scanners returned nothing and others flagged different apps. Ultimately, we found six suspicious apps that can be considered malware, spyware or adware; a few were more notable than others.

One particularly nefarious app was Yt Service. Yt Service embeds an adware service called DarthPusher that delivers ads to the device among other things[2]. This was an interesting find because, though the app was named Yt Service, the developer package was named com.google.hfapservice (note this app is NOT from Google). Yt Service is highly suspicious because it disguised its package to look as if it came from Google; something an Android user would expect to find on their device. In other words, it tricks users into believing it’s a “safe” app vetted by Google.

Other risky apps of note included PhoneGuardService (com.egame.tonyCore.feicheng) classified as a Trojan, AppStats (org.zxl.appstats) classified as riskware and SMSreg classified as malware[3].


However, Xiaomi says that the device "appears to have been tampered [with] in the distribution/retail process by an unknown third party". But as Blaich points out, if it's that easy to mess with, that raises other questions too. Selling smartphones isn't as simple as just choosing a spec list.
xiaomi  malware  retail  bluebox 
march 2015 by charlesarthur
