Coolpad is one of those interesting Chinese OEMs who have been attracting a lot of attention so far this year. Although some users will still be new to the Chinese manufacturer, Coolpad are accredited with being China’s third largest manufacturer, as well as being noted as the sixth largest in the world. As such, they are certainly one to look out for in the future. To add to this, the company do not seem scared to try new things either or to think outside the box. For instance, it was only a couple of days ago when we reported that they are rumored to be working on a glass smartphone.
However, if you were thinking of picking up a Coolpad device anytime soon, then you will want to hear about this. Security Research company, Palo Alto Networks has seemed to of discovered that Coolpad is intentionally hiding a massive security risk within its devices. Palo Alto noted the Chinese OEM deliberately incorporated a backdoor on more than 24 models of their devices. This is thought to affect more than 10 million current users. The backdoor which is dubbed ‘CoolReaper’ is apparently able to perform tasks without the consent of the device owner. This could be in the form of clearing device data, downloading android applications without permission or even uploading device information to their servers.
What makes this breach worse, is that the only reason Palo Alto investigated the Coolpad devices was due to complaints from users in public forums about possible suspicious activities occurring with their devices. As such Palo Alto decided to look into the matter. As a result and instead of providing reassurance to the worried users, it seems they have stumbled across the CoolReaper backdoor confirming suspicions. It has even been suggested that Coolpad modified the custom version of Android to ensure the backdoor remained hidden and was unidentifiable by antivirus software. This is a rather worrying development for the company which until now had been doing rather well. If you are worried this might affect you or want to read more then click here to head over to the Palo Alto original posting.