WASHINGTON, Nov. 16 (UPI) -- The Kryptowire security firm reports software pre-installed on some Android smartphones secretly monitored users and sent text message archives to a server in China every three days.
Kryptowire on Tuesday said the software was created by the Shanghai ADUPS Technology Company in China, but it is not known if the software, which also tracks location and call data, is used for government surveillance or advertising.
International customers and people who use disposable or prepaid phones are most affected by the software. The scope of how many phones are affected is unclear but Shanghai ADUPS Technology Company said its code runs on more than 700 million phones worldwide, The New York Times reports.
BLU Products, a U.S.-based phone manufacturer, said at least 120,000 of its phones were affected, adding that the company released an update to eliminate the software.
Shanghai ADUPS told The Verge the data collected has been deleted and was not given to others.
"In June 2016, some BLUE Product, Inc. devices applied a version of the ADUPS application that inadvertently included the functionality of flagging junk texts and calls that had been requested by other ADUPS clients," the company said. "When BLU raised objections, ADUPS took immediate measures to disable that functionality on Blu phones."
The U.S. Department of Homeland Security was "recently made aware of the concerns discovered by Kryptowire and is working with our public and private sector partners to identify appropriate mitigation strategies," DHS spokeswoman Marsha Catron said.
