BLU is one of the largest manufacturers of unlocked smartphones in the world, offering up some really great devices at cheap prices. Unfortunately, looks like some of those devices also came with a Chinese backdoor to your contacts, call logs, and text messages. Whoops.
The long and short is that BLU uses a third-party company called Adups to handle OTA software updates on some of its phones. That’s all well and good, but the app has been siphoning some information to China that it really should not have been doing.
The good news is that BLU has already patched the service that was doing this and they’re working with Google to implement Google’s own OTA service for updates going forward. If you have an affected BLU phone, you can go into your app settings to find the app called “Wireless Update” and check its version number. You want it to be version 5.4.x, as anything below that will still be problematic.
Six models are impacted by this data leak:
- R1 HD
- Energy X Plus 2
- Studio Touch
- Advance 4.0 L2
- Neo XL
- Energy Diamond
If you don’t have one of those phones, you should be in the clear. If you do have one of those phones, check that app ASAP.