Blu phones pulled from Amazon over Adups spyware concerns

blu phones
Andy Boxall/Digital Trends
Blu, the Florida-based smartphone maker known for its affordable lineup of Android smartphones, was in hot water earlier this week with Amazon over privacy concerns, but luckily, those issues have now been resolved.

On Tuesday, the online retailer said that it was suspending the sale of Blu phones because of a “potential security issue” on the company’s cheaper models. “Because security and privacy of our customers is of the utmost importance, all Blu phone models have been made unavailable for purchase on Amazon.com until the issue is resolved,” an Amazon spokesperson said in a statement.

However, on Friday, the unlocked Android devices were back on sale at Amazon after the “false alarm” was cleared up.

Blu is a key member of Amazon’s Prime Exclusive Phones program, which offered discounts on unlocked phones in exchange for ads on the lock screen.

“Since Nov 2016 when the initial privacy concern was reported by Kryptowire, which BLU quickly remedied, Amazon has been aware of the Adups and other applications on our BLU devices which were deemed at the time by BLU, Amazon, and Kryptowire to pose no further security or privacy risk,” Blu told Digital Trends. “Now almost a year later, the devices are still behaving in the same exact way, with standard and basic data collection that pose no security or privacy risk. There has been absolutely no new behavior or change in any of our devices to trigger any concern. We expect Amazon to understand this, and quickly reinstate our devices for sale.”

And it would seem that Blu’s expectations have been met.

Amazon’s initial decision came a month after security firm Kryptowire demonstrated that apps on Blu phones were recording keystrokes, call logs, browser history, and unique phone identifiers like the MAC address and IMEI. In a report published in July, Kryptowire wrote that Shanghai Adups Technology, the company behind the data-collecting apps, was funneling the data to servers in China.

blu phones

Kryptowire looked at more than 20 pieces of firmware for Blu phones, all of which contained exploits stemming from faulty MediaTek code. They used privilege escalation, a technique that gives certain apps more permissions than they’d normally have, to establish a command an control channel — a communications route with unfettered access to a device’s software. By executing commands as if they were the user, Adups apps could install apps, take screenshots, record the screen, make calls, and wipe devices.

MediaTek said it resolved the issue in November, but a number of Blu phone models, including the Blu Advance 5.0, haven’t received a security patch.

Blu said that is “has several policies in place which take customer privacy and security very seriously,” and Adups called it a “mistake.” But analysts at Kryptowire claims to have detected the spying software on at least three different phones.

Ryan Johnson, a research engineer and co-founder at Kryptowire, said that in May he observed Blu’s R1 HD and Grand M sending data to China containing the phone number, cell phone tower ID, and browser bookmarks.

“[It’s] generally [enough to] locate a person, presuming they’re in an urban area,” Johnson said. “It seems pretty widespread around lower-end phones.”

In a follow-up statement provided to ZDNet, Blu said that Adups software was only on some older devices, and that new phones would use Google’s Over-The-Air software.

“Blu decided to switch the Adups OTA application on future devices with Google’s GOTA,” Blu said. “Even though it is Blu’s policy to only use GOTA moving forward, some older devices still use Adups OTA.” Any data its devices collect, Blu noted, is only “standard for OTA functionality” and “does not affect any user’s privacy or security.”

Update: Blu phones are back on Amazon

Mobile

Midrange phones can’t do A.I., but MediaTek’s P90 chip aims to change that

MediaTek has announced the Helio P90 mobile processor, which it says will bring the best A.I. features we see on high-end smartphones, to the mid-range. We spoke to the company about the chip.
Deals

The best iPhone deals for December 2018

Apple devices can get expensive, but if you just can't live without iOS, don't despair: We've curated an up-to-date list of all of the absolute best iPhone deals available for December 2018.
Deals

The best Apple Watch deals for December 2018

The Apple Watch has surged to prominence in recent years. If you're in the market for an iOS wearable, we've sniffed out the best Apple Watch deals available right now for all three models of this great smartwatch.
Deals

Check out the best Xbox One deals and bundles for December 2018

Microsoft's consoles are just as capable of streaming movies as they are of playing the latest games. Check out our top Xbox One deals and bundles, which include new and upcoming triple-A games like Battlefield V and Fallout 76.
Emerging Tech

Awesome Tech You Can’t Buy Yet: Booze-filled ski poles and crypto piggy banks

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Mobile

iOS jailbreak app store Cydia shuts down purchasing

For years, iOS users have been jailbreaking their devices to install software not approved by Apple. But now the popular app store alternative Cydia will no longer be accepting purchases.
News

Lawsuit alleges Apple falsely advertised the screen size of the iPhone X

A lawsuit alleges that Apple was dishonest in the way that it marketed the iPhone X. The lawsuit alleges that despite Apple's marketing campaign, the new iPhone is not in fact all screen because of the notch.
Mobile

Is somebody watching you? How to stop apps from tracking your location

If you don't like the idea of your every movement being tracked by apps on the phone in your pocket, then you may want to turn location tracking off. We take a look at how to do it on an iPhone or Android phone in this easy guide.
Mobile

Report: Samsung's upcoming foldable phone will cost a hefty $1,800

Samsung has been showcasing bendable display tech for a few years and now a folding smartphone might finally arrive. The Galaxy X, or perhaps the Galaxy F, may be the company's first example. Here's everything we know about it.
Business

Apple is still selling iPhones in China despite being ordered not to

Apple is following the FTC's lead and has sued Qualcomm for a massive $1 billion in the U.S., $145 million in China, and also in the U.K., claiming the company charged onerous royalties for its patented tech.
Smart Home

Starbucks teams with Uber Eats for delivery from 2,000 of its U.S. stores

Starbucks has teamed up with Uber Eats to offer customers deliveries from almost a quarter of its stores in the U.S. The major expansion launches early next year, making life even easier for fans of the coffee giant.
Mobile

Huawei Nova 4 has a hole in the screen, and a 48-megapixel camera on the back

Huawei has launched the Nova 4, a new smartphone that has abandoned the screen notch and adopted a punch hole alternative, and also has a massive 48-megapixel camera. Here's what you need to know about the Nova 4.
Mobile

Black hole in the screen of Samsung's new Galaxy A8s has a camera inside

Samsung is building exciting, technologically innovative midrange phones, and the latest to be revealed is the new Samsung Galaxy A8s, which may give us an idea of what the new Samsung Galaxy S10 will look like.
Mobile

Score a Christmas deal with Speck’s half-off sale on its entire range of cases

The holidays might be nearing, but bargains don't take time off. To celebrate the last day for U.S. ground shipping, Speck will be offering a sitewide 50-percent-off deal for one day only on Monday December 17.