Hidden spy software found in Chinese-made smartphones

Star N9500By JOSEPH FITSANAKIS | intelNews.org
A popular brand of Chinese-made smartphones, which are sold internationally by several major retailers, has been found to contain pre-installed monitoring software, according to a German security firm. The revelation was made on Tuesday by G Data Software, which is based in Bochum, Germany, and has a subsidiary in the United States. The firm, which was founded in 1985, said it discovered the spy software hidden deep inside the proprietary software found on the Chinese-made Star N9500. The product in question is a cheap smartphone based on the popular Samsung Galaxy S4, and can be purchased from numerous Internet retailers, including online outlets such as Amazon.com. A G Data spokesperson, Thorsten Urbanski, told reporters in Germany that his company purchased several Star N9500 telephones from an online retailer after receiving multiple messages from users of the telephone in Germany, who said the device’s operating system appeared to contain malicious software. The security firm said the Star N9500’s operating system contains hidden software applications that could allow a third party to access and steal the telephone user’s personal information. There are also secret applications that could permit a hacker to place calls from the telephone, or utilize the device’s microphone and camera without the consent of its owner. What is more, the stolen data was sent to a server based in China. G Data investigators added that their team of experts sought for “over a week” to track down the manufacturer of the Star N9500 but were unable to do so. German media reported that journalists from The Associated Press also tried to locate the manufacturer of the smartphone, by contacting several companies located in China’s southern province of Shenzhen, known as the center of the country’s telecommunications industry. Read more of this post

About these ads

News you may have missed #805 (analysis edition)

US consulate in Benghazi, LibyaBy IAN ALLEN | intelNews.org |
►►Should the US be wary of Huawei? Regular readers of intelNews know that this blog has been covering the subject of Chinese telecommunications hardware manufacturer Huawei for several years now. During the past few weeks, the United States Congress has flagged the company as being too closely associated with the Chinese intelligence establishment. Other countries have done so as well. But not everyone agrees. New York-based newspaper The Wall Street Journal said recently that “bashing Chinese companies on national security grounds seems like a risk-free strategy” for US politicians and added that, unlike Congress, American governors and mayors are eager to promote investment by Chinese companies. Moreover, Wired‘s Marcus Wohlsenemail suggests that, spies or no spies, US telecommunications companies should fear Huwaei, which is here to stay.
►►Should CIA share some of the blame for Benghazi? For the last month, the US media and Congress have been grilling the State Department for the security failures during the deadly assault on a US compound in Benghazi, Libya. But what if the State Department is the wrong target of scrutiny? According to a counter-theory advanced recently by The Washington Post‘s Dana Milbank, the CIA, not the State Department, bears some responsibility for the security lapse that led to the death of Ambassador Chris Stevens and three other Americans, but is flying under the radar due to the classified nature of its activities in Libya.
►►Could unmanned drones go rogue? Unmanned aerial vehicles, commonly known as drones, have been in the news a lot lately: the US Congress has given the green light for their use by state and local law enforcement, academic researchers, and the private sector. UAVs are rapidly becoming a new tool in patrolling US borders and in NATO military operations in Afghanistan and Pakistan. But non-state actors, including organized criminal gangs and drug cartels, may also be seeing the benefits of UAVs before too long. Read an interesting analysis piece that includes comments by intelNews‘ own Joseph Fitsanakis.

White House review ‘found no evidence’ of Huawei spying for China

Huawei TechnologiesBy JOSEPH FITSANAKIS | intelNews.org |
A review commissioned by the government of the United States has reportedly found no evidence that Chinese telecommunications hardware manufacturer Huawei Technologies spied for the Chinese government. The 18-month-long review, which was ordered directly by the White House, examined the question of security vulnerabilities posed by telecommunications hardware suppliers, which could theoretically harm US service providers and pose a danger to US national security. The report, which was allegedly aided by several US intelligence agencies and other federal government departments, was based on detailed interviews with nearly 1,000 telecommunications equipment consumers across the United States. It was concluded at the start of 2012, but remains largely classified. However, Reuters news agency cites “two people familiar with the probe”, who claim that the probe contains “no clear evidence” that Huawei spied for the government of China. At the same time, however, the probe concluded that Huawei telecommunications hardware contains numerous structural vulnerabilities which could help hackers exploit telecommunications networks supported by the Chinese company. According to one source quoted by Reuters, the White House report found that the telecommunications hardware sold by Huawei was “riddled with holes”. Read more of this post

Situation Report: China’s Huawei Going Mobile? (Exclusive)

Huawei TechnologiesBy TIMOTHY W. COLEMAN | intelNews.org |
The Chinese firm, Huawei Technologies, a provider of information and communications technology, has been constantly under fire in the United States and around for the world for its supposed deep ties to China’s military and intelligence establishment. It is not without some justifiable concern either. Prior to starting Huawei Technologies, the company’s founder and CEO, Ren Zhengfei, served for more than 10-years in China’s People’s Liberation Army’s engineering corps. This reality, rightly or wrongly, has added fodder for concerns that Chinese government interests are intertwined with those of Huawei. On September 13, Huawei Technologies and another Chinese firm, ZTE, were the subject of a Congressional hearing titled “Investigation of the Security Threat Posed by Chinese Telecommunications Companies Huawei and ZTE”. The purpose of the hearing, as explained by the US House Permanent Select Committee on Intelligence, was to assess the potential danger of “telecommunications equipment manufactured by companies with believed ties to the Chinese government”. Read more of this post

News you may have missed #790

Abdullah al-SenussiBy IAN ALLEN | intelNews.org |
►►New report reopens CIA torture allegations. A report from Human Rights Watch, which was released last week, said that Libyan fighters opposed to Muammar Gaddafi’s regime were subjected to harsh interrogation techniques while in US custody overseas, during the administration of George W. Bush. The accusations, if substantiated, would suggest wider use of waterboarding than US officials have previously acknowledged. The report, which is based on documents and interviews in Libya after the fall of Gaddafi, includes a detailed description of what appears to be a previously unknown instance of waterboarding by the CIA in Afghanistan nine years ago.
►►Analysis: What does Gaddafi’s ex-spy chief know about Lockerbie? Abdullah al-Senussi became a hate-figure in his home country as head of an intelligence machinery responsible for the mistreatment of thousands of opponents of the regime of Muammar Gaddafi, his brother-in-law. He is nicknamed the “butcher” and known as Gaddafi’s “black box” because of the secrets he supposedly holds. The new Libyan regime had been negotiating for months with Mauritania where al-Senussi had fled following the fall of the Gaddafi regime last September. But now that al-Senussi has been flown back to Libya by private jet, he may at last be able to face questions by British police about Lockerbie.
►►Chinese hardware manufacturer denies spying allegations. The Chinese hardware-manufacturing firm Huawei has released a 24-page report, written by John Suffolk, a former British government chief information officer who has now turned Huawei’s global security officer, which states that protecting the network security of its worldwide customers is one of company’s “fundamental interests”. The report follows allegations in the United States, Australia, India, and elsewhere, that the company maintains close operational ties to China’s intelligence establishment.

News you may have missed #748 (US edition)

Michael HaydenBy IAN ALLEN | intelNews.org |
►►US lawmakers probe China companies over spy concerns. In letters sent last week to Chinese communications hardware firms Huawei Technologies and ZTE Corporation, a group of senior members of the US House of Representatives Intelligence Committee have outlined concerns about the companies’ ties with the Chinese government, including the role of a “party committee” at Huawei. The lawmakers have also asked about Huawei’s relationships with five US consulting firms and requested an expansive collection of documents, including the contracts between the firms and Huawei.
►►Lone Senator resists Bush/Obama NSA wiretapping plan. The Obama administration wanted a quick, no-questions-asked-or-answered renewal of broad electronic eavesdropping powers that largely legalized the Bush administration’s illegal warrantless wiretapping program. That’s despite President Barack Obama’s campaign promise to revisit and revise the rules to protect Americans’ rights. Everything seemed to be going to plan after a Senate committee approved the re-authorization in secret last month. But Senator Ron Wyden (D-Oregon) has stepped in to stop the bill because the government refuses to say how often the spy powers are being used.
►►What did Hayden tell Obama in January 2009? In December of 2008, a meeting took place between the incoming US Presiden Barack Obama and the departing CIA Director Michael Hayden. Several days later, on January 15, Hayden told journalists that Obama had privately assured him that “no plans to launch a legal inquiry” into the CIA’s use of controversial interrogation methods during the Bush administration. Now, several years later, Salon has published an insider’s account of what was said in that meeting between Obama and Hayden, as well as during the days that followed.

Analysis: The strange world of cyberspy vendor conferences

ISS WorldBy JOSEPH FITSANAKIS | intelNews.org |
It is common knowledge among intelligence observers that espionage activity around the world is on the increase, having in some cases surpassed Cold-War levels. The main facilitator of this phenomenon is technological, namely the ease of access to classified information afforded by relatively safe cyberespionage techniques. In our 21st-century, therefore, the spy v. spy game takes place largely online. Ironically, however, many of the government agencies engaged in offensive cyberintelligence operations against each other buy the required software and hardware from the same vendors. The latter are private companies, headquartered in Milan, London, Johannesburg, Montreal, and other cities around the world, which periodically participate in industry trade shows. These gatherings are eerie, secretive meetings, frequented by international spies representing various governments, and are strictly closed to outsiders. Vernon Silver, of Bloomberg, which has done an admirable job lately tracking the operations of these secretive vendors, has penned a fascinating exposé of one such bizarre trade show, called ISS World. Known informally as ‘Wiretappers Ball’, ISS (short for Intelligence Support Systems) World convenes several times a year in various cities around the world. One recent show, which took place in Malaysia, hosted nearly 1,000 attendees from 56 countries, writes Silver: “unlike trade shows, this one had no social events [and] no corporate-sponsored cocktail parties”. Instead, merchants of communications interception technologies offered demonstrations to agents of various governments, of what is called “offensive IT intelligence”. These demonstrations, conducted by appointment only in darkened conference rooms, center on technologies that can hack cell phones, break into email accounts, unscramble encrypted Skype calls, and surreptitiously access targeted web cams. Read more of this post

US report links telecoms company to Chinese spy services

Sun Yafang

Sun Yafang

By JOSEPH FITSANAKIS | intelNews.org |
For the first time a United States government agency has openly linked one of China’s main telecommunications companies with the country’s intelligence services. The alleged link is provided in a new report by the US Open Source Center, which acts as the open-source intelligence (OSINT) arm of the Office of the Director of National Intelligence. The report concludes that the company, Huawei Technologies, relies on a series of formal and informal contacts with the Chinese People’s Liberation Army and the Ministry of State Security (MSS), which oversee and administer China’s military and civilian intelligence apparatus. Founded in 1987 to import Western office telephone systems to China, the company has become one of the country’s leading exporters of all kinds of communications hardware equipment, ranging from routers to cell towers and undersea cables. But Huawei’s export growth has been hampered in recent years by widely circulated suspicions that the company maintains close ties to the Chinese military and intelligence establishments. The Open Source Center report adds to these suspicions, by pointing out that Huawei’s current chairperson, Sun Yafang (pictured), was an employee of the MSS Communications Department prior to joining Huawei in 1989. It also says that, prior to joining the company, Sun utilized her personal contacts at MSS to “help Huawei through financial difficulties at critical moments when the company was founded in 1987”. The close contacts between the —ostensibly private— company and the Chinese government have persisted ever since, says the report, and points out that the Chinese state has funded Huawei with nearly a quarter-billion dollars for “research and development” projects in the past three years alone. This is not the first time that Huawei has been accused of maintaining close contacts with Chinese intelligence agencies. In 2009, the Australian Security Intelligence Organisation (ASIO) investigated one of Huawei’s Australian-based subsidiaries for links to Chinese intelligence operations. In the following year, the Indian government barred the company from operating in India, citing its allegedly “strong links with the Chinese military”. Read more of this post

Western companies help Bahrain spy on democracy activists

NSN Logo

By JOSEPH FITSANAKIS | intelNews.org |
While Western governments preach to the world about the benefits of democracy, Western companies supply some of the most detestable dictatorial regimes with surveillance technologies for use against pro-democracy activists. One example in point is the repressive government of Bahrain, which, according to Amnesty International, is responsible for some of the most extensive human rights violations anywhere in the Middle East. Bahrain is the kind of place where even medical professionals who treat people wounded by police or soldiers in demonstrations are charged with “incitement”. Despite the fervor of the pro-democracy movement that has risen as part of the Arab Spring, the oil-rich royal clique that rules the nation has managed a series of debilitating hits against the reformists. The success of the crackdown is largely due the use of sophisticated telecommunications surveillance systems that allow Bahraini authorities to spy on cell phones and social networking platforms used by members of the pro-democracy opposition. Who supplied the Bahraini dictators with this equipment? Step forward German engineering conglomerate Siemens AG, and Finnish multinational Nokia. An article published this week in Bloomberg’s Markets magazine, fingers the German company as the primary supplier of telecommunications surveillance systems to the Bahraini royals. The latter rely on contracts with Nokia’s Trovicor GmbH subsidiary to maintain the sophisticated software and hardware. Bloomberg says it was notified of the Nokia Siemens Networks (NSN) partnership by two unnamed insiders, “whose positions at the companies gave them direct knowledge of the installations and the sale and maintenance contracts”. Read more of this post

News you may have missed #529 (analysis edition)

  • Analysis: US Senate backs Petraeus for CIA chief. The US Senate Intelligence Committee on Tuesday unanimously approved General David Petraeus’s nomination to head the CIA. But, asks, The Washington Post‘s Walter Pincus, which Petraeus will arrive at the CIA? The officer or the gentleman?
  • Analysis: US spies can’t stop buying face microchips from China. US military officials have known since 2005 that they have a quality control problem with the microchips they’ve been buying from China. Already, thousands of fake Chinese microchips are crashing American military networks. Last week, the US government finally announced that they want to find a way to spot “trojan horse” chips. What took them so long?
  • Analysis: Has the CIA penetrated Hezbollah? Hezbollah’s admission that it has seized three spies in its ranks, two supposedly recruited by the CIA, is a serious blow to the Iranian-backed movement’s prestige soon after it took control of Lebanon’s government for the first time. On the other hand, it is worth noting that, in recent years, the Lebanese Shiite group has proven near-impenetrable to both the CIA and the Mossad.

News you may have missed #417

  • US Senators question Chinese telecom hardware bid. Senior Republican senators have called for an investigation on whether US national security will be compromised by the Chinese telecommunications company Huawei seeking to sell equipment to Sprint Nextel, which provides services to the US military and law enforcement agencies.
  • Pakistan environmental chaos causes security concerns. The catastrophic floods in Pakistan, which have displaced millions of persons over the last several weeks, when combined with the other socioeconomic and political stresses on Pakistan, have the potential to further weaken an already weak Pakistani state, according to a new US Congressional Research Service report.
  • Russian base in Armenia to stay through 2044. Russia has secured a long-term foothold in the energy-rich and unstable Caucasus region by signing a deal with Armenia that allows a Russian military base to operate until 2044 in exchange for a promise of new weaponry and fresh security guarantees.

Bookmark and Share

News you may have missed #336

  • CIA tech arm invests in camera lens start-up. The CIA’s venture-capital investment arm, In-Q-Tel, has struck again. This time it has funded LensVector, a hi-tech start-up that specializes in micro-camera technology for cell phones.
  • NSA cyberdefense exercise underway. Detailed status report on the National Security Agency’s 10th annual Cyber Defense Exercise, a competition that pits students from a series of US military academies against each other –and against the competition’s leaders at NSA– in a bid to see who has the best cyberdefense skills.
  • US spy researchers working on computational intel. IARPA, the US intelligence community’s research arm, is apparently working on a new program, called Aggregative Contingent Estimation, which aims to create a computational model that can enhance human hypotheses and predictions, by catching inevitable biases and accounting for selective memory and stress in intelligence analysis.

Bookmark and Share

CIA technical expert arrested for pilfering equipment

Anritsu spectrum analyzer

An analyzer

By IAN ALLEN | intelNews.org |
A CIA communications technology specialist has been charged with selling CIA communications equipment to a private broker. FBI counterintelligence agents arrested Todd Brandon Fehrmann on February 26, several weeks after he sold $60,000-worth of equipment to Massachusetts-based Bizi International, Inc. Fehrmann’s CIA connection is concealed in the FBI affidavit, but The Washington Times says US government officials and even Fehrmann himself have now confirmed that he worked for the agency. The pilfered equipment appears to have included a dozen portable spectrum analyzers –handheld devices used to detect and gauge cell phone signals, among other things. Read more of this post

US government agent detained in Cuba for ‘aiding opposition groups’

Development Alternatives Inc. logo

DAI logo

By IAN ALLEN | intelNews.org |
American authorities have revealed the arrest in Cuba of a US government worker, who was allegedly supplying telecommunications equipment to opposition groups. The unidentified man, who was reportedly detained in Havana on December 5, is said to work for a Maryland-based international aid group called Development Alternatives Inc. (DAI). This little-known organization works closely with the government-owned United States Agency for International Development (USAID), and last year was awarded a major government contract in “support [of] the rule of law and human rights, political competition and consensus building” in Cuba. There are reports, however, that the contract involved the clandestine supply of laptop computers and cell phones to Cuban groups antagonistic to the government in Havana. Read more of this post

Follow

Get every new post delivered to your Inbox.

Join 725 other followers