Recently, there was a post that appeared on Reddit’s largest Android forum with alarming news called “Chinese spyware pre-installed on all Samsung phones.”
A mandatory feature, Samsung’s Device Care application comes preinstalled as a package of Samsung’s Android implementation that can’t be removed which were said to be the problem with the utility. With the use of packet analysis tools on the Galaxy S10, the author went and discovered that there is some strange traffic coming out of the Device Care’s storage scanner, that looks for junk files which can be deleted to free up space. That scanner then sends data to Chinese domains; and usually, since storage scanners often need access to all the files on your computer, the data is capable to include almost anything.
In the post, there was an explanation; however, it wasn’t convincing. The scanner utility was made regarding collaboration with a Chinese security company, Qihoo 360, which occasionally made headlines for complying with national censorship directives. The data that was sent to Qihoo, was not clear on which data were sent and why, which gives a reason to Reddit users to worry about the spyware. It is even more concerning since users cannot remove the app because it was built into Samsung’s operating system.
Samsung has made it clear that it does not seem as alarming as it was highlighted to be. Samsung takes their user's data privacy seriously. The company stated that the only data that was sent to Qihoo are the generic information needed to optimise storage, which are the OS version, phone model and storage capacity, along with other data. Qihoo is known for its library identifying junk files that are stored locally in the utility. Qihoo never receives any data that is able to identify a particular file in a user’s device.