Baidu’s Corrupt SDK Puts 100 Million Android Users Open To Backdoor Attacks

Share on twitter
Tweet
Share on whatsapp
WhatsApp
Share on facebook
Share
Baidu-SDK-100-million-users-attacked-backdoor

Baidu-SDK-100-million-users-attacked-backdoor

Short Bytes: Baidu, the Chinese analogous to Google has distributed a software development kit (SDK), Moplus, which has reportedly made over 100 million Android users open to attacks by putting a backdoor to their devices. The corrupt SDK has reached in 14,112 Android apps of which about 4,000 have been created by Baidu.

This is a perfect example of the butterfly effect. One mistake by Baidu and its ripples are reaching millions of users. Baidu, the Chinese analogous to Google, has created a software development kit (SDK) by the name Moplus which reportedly puts a backdoor on the devices of the users over which it is installed.

Trend Micro has pointed out that the SDK has already been included in about 14,000 Android applications and with a bit of maths comes the figure of over 100 million vulnerable users.

Know the difference between Viruses, Worms, Trojans, Bots, Malware and Spyware.

The Moplus SDK, after being installed launches an unsecured HTTP server on the victim’s smartphone. The process works in the background as it gives an open access to the hackers allowing them to execute a predetermined set of malicious commands on the affected device through the HTTP ports.

Once inside, the attacker could get almost all of your device’s information like contacts, send messages, make phone calls, download and upload files, and get your location as well. The list of malicious activities is very much similar to the Android malware which hides as an MS Word file, detected a few days ago.

ANDROIDOS_WORMHOLE.HRXA is one such malware reported inside the compromised devices. The problem is found to be even more critical in the rooted android devices as the users are not made aware of the newly installed apps.

Updates

Baidu has fixed the problem partly as it curbed the Moplus SDK’s ability to download/upload files, update contacts and scan for local apps. But others are still left in open.

Also Read: This Malware can Root Your Smartphones

Aashish Sharma

Aashish Sharma

Racing towards the dream - however, he's just a ping away - find him at Facebook or send him an email.

New on Fossbytes

Scroll to Top