Skip to content

360 Security Antivirus Boost app leaking data to China?

I recently was pointed to a comment on the 360 Security – Antivirus Boost app (https://play.google.com/store/apps/details?id=com.qihoo.security&reviewId=Z3A6QU9xcFRPSG1HSTRaSVdNelVWY3FhZk5zcFlFMnZKeXRKRHhhQUE4VU9pLWV4UFBxeHJ3Xy1ZZWU2bEpOLTg0eGxzczFCV0lkaWxxTHRzZTQ4RWxzU2c).

This comment, posted by a Neel Bonnie, reports that he has discovered the app forming an insecure HTTP link to the IP address 123.125.114.8. This IP belongs to the Chinese state owned China Unicorn Network. Bonnie notes that the creator of the app, Qinhoo 360, is partially owned by this China Unicorn Network. Interestingly, Bonnie notes that when the app has been installed on a device, the temperature of the device rises frequently. This could potentially be an indicator of covert data transfers taking place.

Some discussion of the reported issue has taken place via the Full Disclosure email digest, with others reporting similar issues. It is at this point unclear exactly what data is being leaked to China, but it is potentially a worrying issue if nothing else.

Published inInformation Security

Be First to Comment

Leave a Reply

Your email address will not be published.