Sony Xperia devices are sending your data to China


If you are using a Sony Xperia device running either Android 4.4.2 or 4.4.4, it’s advised (by me) that you install a custom ROM on your device. Several reports have appeared online that the stock firmware on these devices contains Baidu spyware that is discreetly sending data back to servers in China. You do not need to have installed any software on your phone, as it’s bundled into the firmware.

With this spyware, a user named ‘Elbird’, on the Sony forums, claims that the Chinese Government can:
– Read status and identity of your device
– Make pictures and videos without your knowledge
– Get your exact location
– Read the contents of your USB memory
– Read or edit accounts
– Change security settings
– Completely manage your network access
– Couple with Bluetooth devices
– Know what apps you’re using
– Prevent your device from entering sleep mode
– Change audio settings
– Change system settings

You can check to see if you have the spyware by using a file manager and checking for a folder called ‘Baidu’. Some reports on Reddit also claim that non-Sony devices have the folder too, so it’s worth checking your files to make sure you’re not infected. Some people have offered more complicated solutions to the problem that just block a service running on the device that creates the folder, but with this method it’s not safe to assume that your device will remain virus-free, so doing a clean ROM install is best.

Sony says that the problem will be fixed in Lollipop; however, Sony devices won’t get that release for a few months yet. The best course of action if you have an infected device is to research CyanogenMod to check if your device is supported; if it’s not, then check the XDA forums for a ROM that does work on your phone.

Source: The Hacker News

Free and Open Source software advocate. I’ve been enthusiastic about new technology for over half a decade and now I’m just waiting for the technological singularity. Post-Snowden, I’ve developed a dislike for surveillance meaning I use FLOSS religiously over proprietary alternatives. Amateur Astronomy is also a hobby of mine!


  1. If you’re running ANY carrier software, you should worry. Get custom roms on your phones immediately. duh.

  2. Sony have responded and explained that this is due to their My Xperia service being capable of using both Google Cloud Messaging and Baidu Push Notification framework for a transport backend, especially due to Google being blocked in China.

    I would be more worried about the Google spyware present on every mainstream Android device.
