“Leak in management tool gave hacker remote access to Coolpad smartphones”

A tool that, according to Coolpad, was meant for ‘internal testing’ contained a vulnerability that could allow attackers to take over potentially millions of Coolpad smartphones. The tool is said to have been in device firmware by accident.

The tool can update applications on the phone, call arbitrary numbers, send fake SMS messages and open URLs remotely. Because of the leak it was therefore possible, in theory, to retrieve data from the smartphone and to take over the devices completely. The leak was found on 20 November by a Chinese hacker and reported on a Chinese site for responsible disclosure, but is only now getting attention through a report on the subject from security company Palo Alto Networks. The leak does not appear to have been closed, even though Coolpad confirmed it last month.

The tool, which Palo Alto Networks has named CoolReaper, is intended for internal use according to a Coolpad spokesman, reports the Chinese news site Aqnui. That explanation does not seem conclusive: last year several users of Coolpad smartphones received ads pushed through the system as notifications. The tool is not in every firmware of Coolpad smartphones, so it does not seem to be a necessary part of the firmware.

All manufacturers have test tools for internal use that give them far-reaching access to smartphones. Manufacturers also have systems on models sold to consumers, for example to push over-the-air updates and, when problems occur, to read out remotely where something may have gone wrong. The way Coolpad does this, namely with the option of not informing the user, is unusual.

Coolpad supplies its devices almost exclusively in China, where, according to Palo Alto Networks, possibly millions of devices have been sold with the CoolReaper tool in the firmware. How many users currently have the tool in their firmware is unknown. Coolpad is the sixth-largest smartphone maker in the world.

