Profile picture
Elliot Alderson @fs0c131y
, 15 tweets, 13 min read Read on Twitter
<Thread> Hi @WikoMobile 👋! Let's talk about the ApeSaleTracker and ApeStsMonths apps found in your phones.
These apps are pre-installed system apps which send regularly and silently the user infos to a Chinese 3rd party called Tinno by HTTP or SMS without user consent
As state in the app names, these apps are used by Tinno.com to track the number of active devices they have all over the world. Tinno Mobile Technology Corp.. (aka Tinno) is a Chinese company based in Shenzhen which manufacture and sales mobile terminals.
When you boot your @WikoMobile device, the StsMonthsBootReceiver of ApeStsMonths (aka stsMonths) start the StsMonths Service. In the init function, it register receivers to the actions: DATE_CHANGED, STS_MONTHS, AIRPLANE_MODE, CONNECTIVITY_CHANGE. It also set a "sending" alarm.
When the alarm is triggered, it will send the @WikoMobile user IMEI, client number, GSM cell location, serial number, build version in clear text to eservice.tinno.com...Every month!
Moreover, when you boot your @WikoMobile device, the SaleTrackerBootReceiver of ApeSaleTracker (aka STS) start under certain conditions the SaleTrackerService.
As the StsMonthsService, the SaleTrackerService register receivers to STS_REFRESH, ACTION_SMS_SEND, ACTION_SMS_DELIVERED, AIRPLANE_MODE and CONNECTIVITY_CHANGE.
Depending the network availability this app will send @WikoMobile user IMEI, client number, product number, serial number, build version by HTTP or SMS.
Yes, you heard me, it will send you device info by SMS to a number located in Shenzhen
This app contain a basic warning activity which doesn't seems to be used. Even, if it is used, when you press the OK button nothing happen. So, there is no way to disable this data collection...
You will not see this screen, when you press the back button or the app switch button, they add a filter in the Android framework (in PhoneWindowManager) to not show you this app.
If you want to play with it and change the request parameters you can access the SaleTrackerActivity by typing *#*#2374#*#* in the dialer
Let's summarise:
1. @WikoMobile and Tinno is collecting your device info without user consent
2. As an end user you have no way to disable it.
3. They send SMS to China with your data without user consent
4. They send your data in clear text
Any comments @WikoMobile? GDPR is coming guys...
cc @AndroidAuth @AndroidPolice @androidcentral @androidandme @Androidheadline @AndroidPolice @xdadevelopers @AndroidSPIN @Gadgets360 @TheHackersNews @verge @CNET @VICE @WIRED @JAMESWT_MHT @malwrhunterteam @hackerfantastic @LukasStefanko @NowSecureMobile @twandroid @ANDROIDPIT
cc @LEXPRESS @lobs @libe @Le_Figaro @lemondefr @pixelsfr
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Elliot Alderson
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @fs0c131y see all

Profile picture
In 1981, the Primrose fails on a beach of the North Sentinel Island, pushed by a typhoon. You can still see the wreckage on Google Map, in a creek, in the northwest. The crew was saved only by a helicopter operated by the Indian Navy.
Exact coordinates on Google Maps. Open the link, this Island is wonderful! google.com/maps/place/Nor…
Awesome article in French about the North Sentinel Island from @lemondefr lemonde.fr/international/…
Read 3 tweets
Profile picture
I have a @Frida question: How to deal with a HashMap? I'm intercepting a Java method, "this" has a Hashmap in his attributes. I want to print the content of this HashMap cc @oleavr @enovella_
cc @NowSecureMobile 👋
cc @fridadotre
Read 3 tweets
Profile picture
.@Paytm, the most used banking app in #India, just sent a dummy notification to his users in the middle of the night. Imagine the reaction of the guy (hacker?) when he realised that he just sent a notification to millions of people
Paytm published a tweet regarding this notification
Read 3 tweets

Related threads

Profile picture
<thread>

Yesterday was the official public release of the app @cocoawithlove & I have been developing for around 8 months.
It is a “banking” app which serves the customers of a specific financial institution here in Australia: itunes.apple.com/au/app/apple-s…
Disregarding the limited utility of the app for most of you, I’d just like to quickly talk about how developing an iOS app from scratch in 2018 feels like.
First of all, the basic architecture of the app: we use MVVM-Rx layered in modules, and the only couple “real” dependencies we have is RxSwift and RxDataSources.

The vast majority of the code is purely functional and reactive. It is a pleasure to read as well as to write.
Read 10 tweets
Profile picture
<Thread> Allāh is the word for ‘God’ in Arabic. But where did this word come from? Muslim scholars have several views. Some regard it as a basic noun, others the definite form of the word “lāh”, ‘lofty’ or ‘hidden’, but most see it as a contracted form of al-ʾilāh, = ‘the deity’
Islamic tradition holds that the pre-Islamic pagans worshiped Allāh beside other gods = shirk ‘association’. Are there examples of this in the epigraphic record? Yes, but before we get to those, the corpus of 6th. CE Christian Arabic inscriptions continues to grow...
New texts suggest that Allāh, in this exact form, was not the common Arabic name of the monotheistic god in the century before Islam. In the Zebed inscription, the Christian god is called al-ʾilāh 'the God'.
Read 23 tweets
Profile picture
<Thread>
1/ California's election primary was on June 5, 2018, and Los Angeles County inexplicably excluded 118,509 registered voters from their voter roster printouts. Today IBM Security Services published a 3-page Executive Summary on what caused this error. (con't)
2/ I found this Executive Summary confusing because it begins by saying that a disruption LAvote.net occurred from 11:20 pm to 11:41 pm, but doesn't offer a date this occurred, and what LAvote.net has to do with printing voter roster lists.❓
3/ If the disruption to LAvote.net occurred on June 5 (after polls closed), how could this disruption affect the printing of voter registration lists (which obviously had to be printed and distributed before 7am on June 5.❓
Read 15 tweets
Profile picture
<THREAD>

There's been some talk of "primarying out" Democrats who voted for the CR. We've all heard of the Tea Party, but does anyone know who founded it?

I do. His name is Damon Eris./1
Damon championed third-party politics and urged us to "Dump the Duopoly." We used to comment on each others blogs. Even though we disagreed, Damon would promote liberals as well as conservatives, as long as they weren't Democrats of Republicans./2

politeaparty.blogspot.com
I remember when the the Kochs co-opted the Tea Party, effectively deposing him leader. Damon was devastated. There's a difference between being politically conservative & being a racist. Damon was the former, and was deeply troubled by the vulgar conservatives who usurped him./3
Read 11 tweets
Profile picture
<THREAD> This is a season of peace, but we need to pause for a minute to talk about war. The greatest security threat in the coming year is the prospect of a massive war on the Korean Peninsula—& Trump's dangerous gambit toward North Korea makes that outcome much more likely. 1/
North Korea has had nukes since the mid-2000s. During the 2016 campaign, when the North’s capability only seemed to threaten our regional allies South Korea and Japan, Trump was relatively sanguine. 2/
In fact, candidate Trump even suggested that Seoul & Tokyo should fend for themselves and consider getting their own nukes to counter the threat from North Korea rather than turning to America for help. nytimes.com/2016/03/27/us/… 3/
Read 37 tweets
Profile picture
<THREAD> I'm now hearing this meme that governments around the world have defeated communism.

Guys. It's time for some Marxist theory
A spectre is haunting Europe--the spectre of Communism. All the Powers of old Europe have entered into a holy alliance to 1/590
exorcise this spectre: Pope and Czar, Metternich and Guizot, French Radicals and German police-spies. Where is the party 2/590
Read 592 tweets

Trending hashtags

#Grassleymemo #BurmaShaveBillboard #TakeItBack #GoSilent #FabricatorInChief #VoteBlue #NSS #DonnieTwoScoops #Brazil #BlueWave #MBTA #MemorialDay #AirForceOne #Safaitic #RefusePolarization #WePayYOU #BlizzardOfUS #TreasonWeasels #BlizzardInLA #MentalHealth #StrongerTogether #MemorialDayWeekend #MakeItMatter #sisterResister #NunesMemo

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!