Pierluigi Paganini
October 29, 2014
Sony Xperia Devices secretly send user data to servers in China, this is the last news that is shocking the mobile industry and that was published on several forums. The problem relates to Sony devices running the Android 4.4.2 or 4.4.4 KitKat version, it seems that the anomalous behavior is observable even if the users haven’t installed any application on the Smartphone.
The news is disconcerting and it seems that some new Sony Xperia Smarphone contain the Baidu spyware. A few weeks ago a group of users belonging to an online community of Sony Xperia Smarphone owners, discovered the presence of a folder, named “Baidu” on their devices, that was created without the owner’s permission.
Due to the presence of the folder it is very easy for the users to verify in the Baidu spyware has infected their device.
Another worrying aspect is that users aren’t authorized to delete it from their Sony Xperia Smarphone, once they try to remove it, it instantly reappears. Users are not able to delete the Baidu folder even if the user tries the same procedure starting the phone in Safe Mode.
“Just unpacked my Sony Z3 compact, haven’t installed a single app and its connecting to China. I am not so concerned about the folder itself but my phone now has a constant connection to an IP address in Beijing, which I am not too happy about.” is the comment of a Sony Xperia Smarphone user published on a Reddit discussion on the topic.
According the reports circulating online the new Sony Xperia Z3 and Z3 Compact are affected by the problem, but many other users detected the folder on their devices, not only Sony Smartphone. The owners of an HTC One M7, an HTC One X and a few users using the OnePlus One have discovered the presence of the Baidu malware.
As reported by the colleagues at TheHackerNews, the mysterious Baidu folder appears to be created by Sony’s “my Xperia” service every time the handset establishes a connection and it is reported to be sending pings to China.
Many users reported they found that the Chinese government is able to control the spyware to gain access to the user’s device exactly in the same way any RAT does, in particular a users with the nickname Elbird has posted on different Sony Forums that the Baidu malware allows the Chinese Government to perform the following actions
The Sony Xperia case arrives a few days after the news that Chinese smartphone manufacturer Xiaomi was involved in a similar issue, experts sustain that the company is spying on personal user data. A few months ago, experts at F-Secure collected evidences that Xiaomi Smartphones were sending user data back to the servers based in China.
Sony still hasn’t officially commented the case, despite it has admitted the issue announcing the release of a fix.
Below the instructions to remove the Baidu Spyware from the device.
Security Affairs – (Sony Xperia Smartphones, mobile malware)
