China’s global espionage project: Huawei firmware backdoors discovered

Firmware inspections of 558 Huawei products found over 100 vulnerabilities easily exploitable by those with knowledge of source code

Taiwan News
Date: 2019/07/06
By: Duncan DeAeth, Taiwan News, Staff Writer

TAIPEI (Taiwan News) – Cyber security analysts have discovered over a hundred common

(By Associated Press)
“backdoors” hidden in Huawei products by analyzing firmware code for vulnerabilities.

The potential to hack Huawei products and use them as a tool for espionage by the Chinese Communist Party (CCP), or by any hacker for that matter, is now better understood thanks to an investigation carried out by specialists with Finite State and ReFirm Labs.

According to a report published by Breaking Defense entitled “Hacker’s Heaven: Huawei’s Hidden Back Doors Found” investigators analyzed over 1.5 million firmware files embedded within 558 Huawei products.

In a 36 hour run of testing using cutting edge methods to analyze firmware files, researchers led by Matt Wyckhouse and Terry Dunlap found 102 vulnerabilities that would allow an outside actor with knowledge of the back door to access a device or network’s data.

Around 25 of the vulnerabilities were designated as “severe” enough to provide unrestricted access to an outside party. In addition to Huawei, Terry Dunlap’s team of researchers, some of them former U.S. National Security Agency employees, have discovered similar vulnerabilities in products manufactured by Dahua Technology Company which produces surveillance equipment.

According to the Breaking Defense report, Dahua products were used to spy on a Fortune 500 company in the U.S. With the help of Dunlap’s team, the company discovered their security system was sending the data to an unknown IP address in China.

Several of the vulnerabilities found on Huawei devices reportedly operate in the same manner as those of Dahua. The Chinese companies have also claimed such vulnerabilities are just bugs or simple errors that are fixed with updates.

However, after installing updates, both companies’ products were found to have simply relocated the same backdoors to different areas of the firmware code.    [FULL  STORY]