I got this new Xiaomi Redmi Note 2 and after a couple of hours started to notice strange behaviour. It showed pop-up advertising! Pop-ups came on top of any app I happened to be using at that time. Obviously that was really annoying but also very scary, as my whole phone was potentially compromised. I tried factory resetting the phone, but it didn't help. I did a full wipe and installed an official ROM from Xiaomi's homepage. I also changed all the passwords that could have been compromised.
I was just thinking: what's the lesson here? Can we trust any software that is pre-installed on new electronics, or is it just the Chinese phones? I know Xiaomi's own Android is full of bloat and probably spies for the Chinese government, but the custom ROM was clearly installed for someone's personal gain.
I already posted this to /v/security but I think /v/android might be a more useful place to share this incident.
[–] 007ace 2 points (+2|-0)
There have been a few apps that will ask for root access and install ad servers to your /system partition. So it sticks around after factory resets (but a fresh from flash will remove it). Google 'Shuanet' for more info.
[–] priva [S] 1 point (+1|-0)
Thanks for this piece of information! I kinda assumed the whole ROM needs to be hacked, if factory reset does not fix the problem, but yeah my knowledge is very limited.
[–] GoddammitMrNoodle 1 point (+1|-0)
Who did you buy it from?
[–] priva [S]
I bought it from DirectD during my vacation. It's the largest electronics store in Malaysia.
[–] JustAnotherHuman
I think this really depends on where you bought the phone from. Are you in the USA? Did you buy from an importer? Then when the phone makes its rounds from Xiaomi to you, it may be compromised in the middle somewhere.
Good job on wiping the phone and changing your passwords; one piece of advice: use two-step auth wherever you can, especially on your main email account.