Print this page
Published in Mobiles

OnePlus sent data back to China again

by on29 January 2018
OnePlus sent data back to China again


OnePlus still phones home

In October 2017, a researcher caught OnePlus silently collecting all sorts of data from its users. That created a bit of a stink and OnePlus promised it would not happen. But it seems there's still a OnePlus app that can grab data from the phone and send it to servers in China without a user's knowledge or consent.

A French security researcher who uses the handle Elliot Alderson on Twitter detailed OnePlus's data collection practices back in October, and he has now discovered a strange file in the OnePlus clipboard app.

A Badword.txt file contains various keywords, including "Chairman, Vice President, Deputy Director, Associate Professor, Deputy Heads, General, Private Message, shipping, Address, email" and others.

The file is then duplicated in a zip file called pattern alongside six other .txt files. All these files are apparently used in "in an obfuscated package which seems to be an #Android library from teddymobile".

TeddyMobile is a Chinese company that works with plenty of smartphone makers from China. The company can recognise words and numbers in text messages.

OnePlus is apparently sending your phone's IMEI number to a TeddyMobile server. It looks like the TeddyMobile package might be able to grab all sorts of data from a phone.

Even bank numbers are apparently recognised.

OnePlus has yet to say anything about it. 

 

 

Last modified on 29 January 2018
Rate this item
(0 votes)
Tagged under