
Thread: Backdoor found in ZTE Android phones

  1. #1
    Member Reputation: 730
    Join Date
    2011-04-12
    Posts
    633



    Backdoor found in ZTE Android phones
    By Michael Lee, ZDNet.com.au on May 15th, 2012 (15 hours ago)


    Two mobile phones, developed by Chinese telecommunications device
    manufacturer ZTE, have been found to carry a hidden backdoor, which can
    be used to instantly gain root access with a password, that has been
    hard-coded into the software.


    NOTE: Password is: ztex1609523


    Android devices typically ship with the user unable to run commands as
    the "root user", in order to protect customers from any inadvertent
    damage they could cause, and to reduce the chance of rogue applications
    taking complete control of the device. However, following an anonymous
    post to Pastebin, security researchers have found that ZTE has installed
    an application on the Score M and the Skate mobile phones, which makes
    rooting these phones simple.


    The post said:


    There is a setuid-root [set user ID upon execution] application at
    /system/bin/sync_agent that serves no function besides providing a root
    shell backdoor on the device. Just give the magic, hard-coded password
    to get a root shell.


    The phone is available in the US and the UK, amongst other markets.
    While no telco in Australia appears to be selling the Score M or Skate
    mobile phones outright, it is still possible to purchase it online or
    through smaller firms. ZTE has offices in Sydney and Melbourne, and is a
    supplier of a large number of Telstra mobile phones, typically rebranded
    as Telstra's own T- and F-series mobile phones. Telstra is aware of the
    issue, and is in the process of testing its devices, to determine if the
    backdoor exists on them.


    "Our preliminary tests suggest that handsets supplied to Telstra are
    unaffected by this issue. That said, we take device security very
    seriously, and we are conducting more extensive testing to confirm our
    initial findings. Should we discover any issues, we will contact
    customers directly," Telstra said in a statement.


    ZTE is also the company behind the Optus-branded MyTab tablet, which
    runs Android.


    ZDNet Australia contacted Optus to comment on whether its devices may be
    affected, but did not receive a response at the time of writing.


    Although Vodafone sells ZTE-branded USB modems, it does not sell any
    Android devices from ZTE in Australia.


    Former McAfee threat research vice president Dmitri Alperovitch is a
    security researcher that has independently verified the original claim,
    posting the password to the hidden application on Twitter.


    Dmitri Alperovitch @DmitriCyber 14 May 12


    @k_sec haven't independently verified myself


    Dmitri Alperovitch @DmitriCyber


    @DmitriCyber @k_sec We have just confirmed this. Password is
    ztex1609523 in the backdoor
    14 May 12


    There are also a number of reports from users on Reddit, some who said
    that there does not appear to be any way of remotely accessing the
    backdoor. However, other users have pointed out that if the ****er wrote
    another application to access the backdoor, it would be a trivial matter
    to first root the device and then take complete control.
    Edify...
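
A defensive check for the kind of binary the quoted Pastebin post describes, as an added example that is not part of the original thread or article: it audits an extracted system image for setuid/setgid files that are missing from an expected baseline. The baseline entry, the sample file modes and the function names are constructed for illustration.

```python
import os
import stat
from typing import Iterable, List, NamedTuple, Set, Tuple

class Entry(NamedTuple):
    path: str  # path inside the image, e.g. "/system/bin/sync_agent"
    mode: int  # st_mode as returned by lstat()
    uid: int   # owning uid (0 = root)

# Constructed baseline: privileged binaries the build is expected to ship.
EXPECTED: Set[str] = {"/system/bin/run-as"}

def scan_image(root: str) -> List[Entry]:
    """Collect every regular file under an extracted image rooted at `root`."""
    entries = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)  # lstat: never follow symlinks out of the image
            if stat.S_ISREG(st.st_mode):
                rel = "/" + os.path.relpath(full, root).replace(os.sep, "/")
                entries.append(Entry(rel, st.st_mode, st.st_uid))
    return sorted(entries)

def audit(entries: Iterable[Entry],
          expected: Set[str] = EXPECTED) -> List[Tuple[str, str, str]]:
    """Return (kind, path, permissions) for each unexpected setuid/setgid file."""
    findings = []
    for e in entries:
        suid = bool(e.mode & stat.S_ISUID)
        sgid = bool(e.mode & stat.S_ISGID)
        if not (suid or sgid) or e.path in expected:
            continue
        # Ownership is only meaningful if the image was extracted with uids kept.
        if suid and e.uid == 0:
            kind = "setuid-root"
        else:
            kind = "setuid" if suid else "setgid"
        findings.append((kind, e.path, stat.filemode(e.mode)))
    return findings

# Constructed sample entries (modes are illustrative, not taken from a device).
SAMPLE = [
    Entry("/system/bin/run-as", 0o104750, 0),
    Entry("/system/bin/sync_agent", 0o104755, 0),
    Entry("/system/bin/toolbox", 0o100755, 0),
]

if __name__ == "__main__":
    for kind, path, perms in audit(SAMPLE):
        print(f"{kind:12} {perms} {path}")
```

Run `audit(scan_image(path))` against an unpacked system partition; any hit outside the baseline is a binary to review before the build ships.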


  3. #2
    Member Reputation: 219
    Join Date
    2011-05-02
    Posts
    257


    Re: Backdoor found in ZTE Android phones

    I am not surprised because every telecom equipment (RAN and Core) from China has back doors on it; that is why the United States does not want Chinese equipment.

  4. #3
    VIP Member Reputation: 1401
    Join Date
    2008-07-27
    Posts
    850


    Re: Backdoor found in ZTE Android phones

    not at all surprising, much bigger things than this happen when it comes to monitoring and control .. like http://www.wired.com/threatlevel/201...tacenter/all/1 interesting reading, and this is what we are allowed to find out about ... there is obviously far more we do not understand

    "The former NSA official held his thumb and forefinger close together: “We are that far from a turnkey totalitarian state.”"
