Earlier this week, malware was discovered to have been pre-installed on the latest version of the Barnes & Noble NOOK tablet – model BNTV450 which retails for about $49. Experts are warning consumers who have one of these devices to remove any personal data immediately, and advise anyone who receives one of these devices over the holidays not to connect it to the Internet, or create or access any accounts from the device.
This malicious software was created by ADPUS, a firmware company based in China. ADPUS first made headlines last month when it came to light that more than 700 million lower-end Android devices had a backdoor installed in their programming that was secretly gathering and feeding users personal data to China. The list of nasty abilities this particular strain of malware has includes:
– SMS Recording – SMS Transmission
– IMEI Exfiltration – IMSI (Transmission)
– Call Log Transmission – Call Contact Information Transmission
– Location Collection and Transmission – Command Injection
– Remote User Application Update – Remote User Application Install
– Transmit List of Installed Applications – Transmit order of application execution
– Programmatic Firmware Update – IP Address (Transmission)
– Name (for contacts)
– Remote Execution and Privilege Escalation (without user notification or request)
As it stands right now, the only way to remove this firmware from affected tablets is to fully format the device and install a third-party ROM. A statement from Barnes & Noble claims that their team is currently working on an update that will help to mitigate the issue, and that ADPUS has assured them no personal data was collected from Barnes & Noble customers, but the consensus among the technology community is to simply return the device. At bare minimum, consumers should refrain from using the device until the problem has been resolved completely.
Barnes & Nobel’s return policy will allow for any NOOKs purchased between November 14th and December 31st to be returned by January 31st, provided you have both the box and the receipt.
To learn more about malware, and how to protect yourself and your business from cyber threats, contact CTECH Consulting Group at info@ctechgroup.net or (403) 457-1478. We’re the IT professionals businesses in {city} trust.
My passion is to make my mark on the world in a positive and lasting way. I want to set an example for my son that his father can compete with integrity in today’s world, be very successful, and leave the world a better place for him.
Combining my technical/business-based education with a long career steadily progressing up the corporate ladder, I decided to build a company that held true to my values. So, I founded and designed the next generation of IT support firm: CTECH Consulting Group Inc. We are a completely automated, cloud-based IT company designed to compete against any other IT firm without the overhead. We promote a lifestyle to all our staff where they can work anywhere, at any time, access any information on any device that is relevant to their job, and collaborate with anyone they want to.