Amazon suspends sales of Blu phones over spyware allegations (Update)

midian182

midian182

Posts: 10,761   +142
Staff member

Update (8/5): Amazon has resumed selling some Blu phones after reviewing information sent by the maker. Meanwhile Blu has announced they're getting relisted calling it a "false alarm," it must be harsh to be out of Amazon if you're a small phone manufacturer.

The original story follows below:

Back in November last year, security firm Kryptowire discovered spyware on some unlocked budget Android handsets made by US manufacturer Blu Products. Sales were halted for a month, but it seems that wasn’t the end of the matter. Amazon has just suspended the company from selling on the site, again, because the malicious software is apparently still present.

The app in question is developed by a Chinese firm called Shanghai Adups Technology Company. Kryptowire researchers discovered it was collecting user data from the Blu R1 HD phone and surreptitiously sending it to servers in China.

During last week’s BlackHat security conference in Las Vegas, Virginia-based Kryptowire said certain Blu phones still contained the spying software, which it claims makes the handsets vulnerable to remote attacks, as well as call and text logging.

"They replaced [the malware] with nicer versions. I have captured the network traffic of them using the command and control channel when they did it," said Kryptowire co-founder Ryan Johnson. He found the information being sent overseas included what apps were installed on the phone, MAC addresses, IMEI, phone numbers, and cell phone tower IDs.

A Blu spokeswoman denies the company has done anything wrong, stressing that it has "several policies in place which take customer privacy and security seriously.” Regarding the data collection, the company said:

The data that is currently being collected is standard for OTA functionally and basic informational reporting. This is in line with every other smartphone device manufacturer in the world. There is nothing out of the ordinary that is being collected, and certainly does not affect any user’s privacy or security […] Regarding that some information may be stored in China servers, their privacy policy clearly states that some of the data collected can be stored in servers outside the US, there is absolutely nothing wrong with having a server in China.

But it seems Amazon isn’t happy with Blu’s explanation. The retail giant told CNET that "because [the] security and privacy of our customers are of the utmost importance,” it has stopped sales of Blu handsets.

Permalink to story.

https://www.techspot.com/news/70381-amazon-suspends-sales-blu-phones-over-spyware-allegations.html

 
"has several policies in place which take customer privacy and security seriously.”
Now where have I heard/seen/read that comment whenever a company gets hacked/compromised due to their non existent or lax security, or just installing nasties as per this article?
It seems to be the standard response when the spokesperson is put on the spot and dare not speak the truth in fear of repercussions.
It remind me of politicians saying "That's a very good question" when they don't know how to answer a question or are just about to feed you a blatantly BS line... which is 99.9999% of the time.
 
Skidmarksdeluxe said:
"has several policies in place which take customer privacy and security seriously.”
Now where have I heard/seen/read that comment whenever a company gets hacked/compromised due to their non existent or lax security, or just installing nasties as per this article?
It seems to be the standard response when the spokesperson is put on the spot and dare not speak the truth in fear of repercussions.
It remind me of politicians saying "That's a very good question" when they don't know how to answer a question or are just about to feed you a blatantly BS line... which is 99.9999% of the time.
Click to expand...

It's not like that at all. Amazon is using Blu as a subcontractor to get their Prime subsriptions to people. The $50 Blu phone through Prime is an amazing deal. But if Blu doesn't work, they can find someone else. They already have the Moto series for the slightly higher end. It's a really good business model IMO. If the suppliers aren't living up to their contract, Amazon will find someone else.

--

Related: The Blu phones are incredible value. But maybe one reason they are so cheap is because they are getting shady kickbacks for having malware? It wouldn't be too surprising considering their razor thin profit margins on each phone.
 
Skidmarksdeluxe said:
"has several policies in place which take customer privacy and security seriously.”
Now where have I heard/seen/read that comment whenever a company gets hacked/compromised due to their non existent or lax security, or just installing nasties as per this article?
It seems to be the standard response when the spokesperson is put on the spot and dare not speak the truth in fear of repercussions.
It remind me of politicians saying "That's a very good question" when they don't know how to answer a question or are just about to feed you a blatantly BS line... which is 99.9999% of the time.
Click to expand...
Yep but it's extremely hypocritical when Google, Amazon, Apple, basically ALL US security agencies are guilty of this. Also ALL five eyes countries.

This actually makes me very unhappy with Amazon.
 
  • Like
Reactions: petert and Skidmarksdeluxe
You must log in or register to reply here.

Similar threads

midian182
After quitting phones in 2021, LG will soon pull the plug on its update servers
Replies
5
Views
238
user478318
user478318
Daniel Sims
Sony to cease Blu-ray production, leaving physical media fans concerned
2 3
Replies
57
Views
2K
Hotlynx16
H
midian182
LG ends Blu-ray player production as streaming dominance grows
Replies
9
Views
403
stewi0001
stewi0001

Latest posts

Back