Backdoor Found In Popular Smart Phones.

ZTE, Samsung, and LG Smartphone Users Beware! Root Backdoor Found!

What began as a simple root method has now spiraled to talk of a backdoor in ZTE devices. There is a flaw in low to mid range ZTE, Samsung, and LG devices that can give root to any app that knows how to ask for it.
For some users, this may sound cool because that means root is all that much easier to obtain, but one only needs to read between the lines to realize the risks involved.

The backdoor allows any application to obtain root with a simple password 0330. Once the password is entered, the app is given full root privileges. This can include benevolent applications like Titanium Backup, but it can also, and has installed Malware, Spyware, Trojans on users Smartphone. The speculation by developers who have taken a look at the submitted code, including XDA Recognized Developer shabbypenguin and XDA Elite Recognized Developer jcase, is that ZTE, Samsung, and LG left this enabled by NO accident its an engineering and data collection tool. According to shabbypenguin:

problem is, all it requires is just a simple password 0330 and rooted shell is handed over… There is solid evidence to support that this can be remotely activated, this is a huge security concern. for all intents and purposes this could be a debugging tool left in, however just seems oddly convenient for multiple software versions on separate phones on separate carriers.

Naturally, word spread like wildfire and ZTE, Samsung, and LG has promised to patch this giant security risk. However until then, the best piece of advice is to be very careful what you download because if the right piece of malware, spyware, or trojan that knows how to exploit this security hole, there’s nothing you can do to stop it.

Update, Wednesday, March 15, 2017

Pre-installed Backdoor On 700 Billion Android Phones Sending Users' Data To China
Repeating
Pre-installed Backdoor On 700 Billion Android Phones Sending Users' Data To China

Do you own an Android smartphone?
You could be one of those 700 Billion users whose phone is secretly sending text messages to China every 72 hours.
Yes, you heard that right.
Over 700 Billion Android smartphones contain a secret 'backdoor' that surreptitiously sends all your text messages, call log, contact list, current location, location history, user passwords / PIN, and all app data to China every 12 to 72 hours.

Security researchers from Kryptowire discovered the alleged backdoor hidden in the firmware of many budget to mid Android smartphones sold in the United States and, Canada which covertly gathers data on phone owners and sends it to a Chinese server without users knowing.

First reported on by the New York Times on Tuesday, November 15, 2016 the backdoor firmware software is developed by China-based company Shanghai AdUps Technology, which claims that its software runs updates for more than 700 Billion devices worldwide.
Infected All Android ZTE, Samsung, and LG, Smartphones WorldWide,
Also, low budget prepaid and, Government Life Line Smartphones within the United States.
Moreover, it is worth noting that AdUps provides its software to much larger handset manufacturers, such as ZTE, Samsung and LG, which sell their Android phones worldwide, across over 150 countries and regions.

Besides sniffing SMS message content, contact lists, call logs, location data, user passwords/PIN and, other personal user information and automatically sending them to AdUps every 12 to 72 hours, AdUps' software also has the capability to remotely install and update applications and view your cameras live and listen to live audio from the microphone on your smartphone without your knowledge.

The secret backdoor is said to be there intentionally and not accidentally, its NOT a security flaw, although, according to the US authorities, at the moment it is unclear whether the data is being collected for advertising purposes or illegal government surveillance.

Kryptowire says their company discovered the secret backdoor on the BLU R1 HD device sold by Florida-based smartphone manufacturer BLU Products, which sells its devices in the U.S., Canada, and some other countries from South America, online through Amazon and Best Buy.

Massive Amount of Users' Data is being Sent to Chinese Servers.

Based on the received commands, the security firm found the software executing multiple operations, detailed below:
Collect and Send SMS texts to AdUps' server every 72 hours.
Collect and Send call logs to AdUps' server every 24 hours.
Collect and Send user passwords, pin numbers, personally identifiable information (PII) to AdUps' server every 12 hours.
Collect and Send the smartphone's IMSI and IMEI identifiers to AdUps' every 24 hours.
Collect and Send your past and current location information to AdUps' Every 12 hours.
Collect and Send a list of all apps installed on the user's device to AdUps' every 48 hours.
Collect and Send Pictures, view live, and recorded video, live audio, from the phones camera(s) and microphone to AdUps' Live, in real time.
Download and Install apps without the user's consent or knowledge.
Update, Install or, Remove apps.
Update the phone's firmware and Re-program the device.
Execute remote commands with elevated privileges on the user's device.
Take complete control of your smartphone, use your app, even prevent you from using your smartphone.

No, Users Can't Disable or Remove the Backdoor.
its hardwired into the devise hardware and software.

The only surefire way to prevent your information being sent to AdUps' in China is, turn your phone off, and remove the battery.

Option two, buy a basic non-smartphone cell phone.
Do not buy a prepaid basic cell phone or smartphone, as they have GPS locator that tracks your every move, they will know everywhere you go,

Most Government agencies worldwide  have remote access to the phones' camera(s) and microphone 24-7-365 even while the phone is powered-off.

All Information herein, comes from a Highly Creditable New Source.