Security flaws in ZTE phones mean they can be hacked to spy on users
Smartphones sold by Chinese technology company ZTE are vulnerable to cyberattacks because of a series of security flaws that could let hackers read emails and messages, it has been reported.
Fifth Domain reports that research into security flaws in smartphones that was funded by the US Department of Homeland Security found that the phones were released with vulnerabilities that could give hackers access to the devices.
It’s not yet clear if the flaws in ZTE phones have been used by hackers to steal any data. The full research into the flaws is expected to be announced at the Black Hat cybersecurity conference in Las Vegas on Friday.
However, a ZTE spokesman reportedly confirmed the security flaws and said that they were being fixed by releasing an update for its phones.
“ZTE has already delivered and/or is working with carriers today to deliver the maintenance releases that fix these identified issues,” the spokesman told Fifth Domain.
This isn’t the first time that security concerns have been raised about ZTE products, which can be bought in the UK.
The UK’s National Cyber Security Centre has blacklisted the company’s products due to concerns that its close links to the Chinese government could pose a security risk.
A letter was sent to UK telecoms companies in April which discouraged them from using ZTE products. However, BT has worked with the company since 2011 on research and development.
ZTE was barred from doing business in the US in April after after the US government found that the company had sought to evade US sanctions in Iran and North Korea.
The company was offered a reprieve in July when it was allowed to conduct business in the US from July 2 to August 1. It said that it used that window to transfer funds and provide customer support before the restrictions were put back in place.
