Researchers find ‘CoolReaper’ backdoor in Coolpad devices

A backdoor, named “CoolReaper,” apparently installed by Chinese phone-maker Coolpad in its Android-based mobile devices leaves users vulnerable to malicious activity, researchers at Palo Alto Networks have revealed.

Discovered by researcher Claud Xiao, CoolReaper goes “well beyond” the type of usage data collection that mobile carriers typically do “and acts as a true backdoor into Coolpad devices,” according to a blog post written by Xiao and the company's Unit 42 Intelligence Director, Ryan Olson.

CoolReaper can download, install or activate Android apps without the consent or notification of the user; clear user data and uninstall or disable apps; alert users to a fake over-the-air (OTA) update that actually installs unwanted apps; and upload device location and usage data to a Coolpad server.

The backdoor, detailed in a report, has been identified on 24 Coolpad phone models, affecting more than 10 million users.
