Remember the ADUPS malware that was discovered on Blu smartphones shipped by Amazon last month? Turns out that malware is also included on Barnes & Noble’s latest $50 7″ “NOOK tablet.” If you bought one for someone as a gift this season, you might want to return it while you still can.
Linux Journal uncovered the ugly surprise this week, noting that the tablet sends data back to a firmware provisioning company named ADUPS in Shanghai. “The software specializes both in Big Data collection of Android usage, and hostile app installation and/or firmware control,” Linux Journal explained. “Google has blacklisted the ADUPS agent in its Android Compatibility Test Suite (CTS).” While it’s blacklisted, which means it’s harder to install on devices that don’t have it to begin with, it’s being installed before it even arrives in customers hands.
ADUPS is collecting your data
This is something you should certainly pay attention to. ADUPS is capable of sending all sorts of data back to its services and, if you care about your privacy at all, you shouldn’t be using a device that’s loaded with the malware. We’re not just talking about the books you read, either; it’s capable of sending location data back and installing any software it sees fit, which means the door is wide open for attack.
If you happen to have one of these devices and want to protect yourself, you can either turn it off immediately, shut down all Wi-Fi access or block the following addresses from receiving data (thanks to a commenter on the Linux Journal page for providing them).
Me? I’d just return it.