Barnes & Noble’s New $50 Nook Tablet Ships with Bonus Malware

Barnes & Noble's ongoing efforts to outsource as much of its Nook platform as possible has just come back to haunt it.

Linux Journal reports that the new Nook 7 Android tablet which launched last month comes with free malware and spyware installed:

The latest tablet from Barnes & Noble, the newly-released $49 BNTV450, has been found to include ADUPS. In the aftermath of the BLU data theft, ADUPS hostile data collection and control over Android may (or may not) be temporarily quelled, but harmful capability remains with the ADUPS agent. Devices running ADUPS should be considered under malicious control, and they should not be used with sensitive data of any kind.

This is the same malware which was discovered in Blu brand and other cheap smartphones last month, and it is a nasty customer.

It's a piece of spyware which sends all sorts of data back to ADUPS servers in China. Just consider it a data colostomy:

These devices actively transmitted user and device information including the full-body of text messages, contact lists, call history with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI). The firmware could target specific users and text messages matching remotely defined keywords. The firmware also collected and transmitted information about the use of applications installed on the monitored device, bypassed the Android permission model, executed remote commands with escalated (system) privileges, and was able to remotely reprogram the devices… The firmware that shipped with the mobile devices and subsequent updates allowed for the remote installation of applications without the users’ consent and, in some versions of the software, the transmission of fine-grained device location information.

To be fair to ADUPS, they insist that they have cleaned up their act since last month. They say they pushed out a new version of their malware which no longer spies on users.

I don't know if that is true but it doesn't matter for owners of the new Nook Android tablet. Linux Journal made it clear that the version of ADUPS they found on the new Nook tablet is an older version which harvests users organs and sells them on the black market which does transmit user data to China.

If you have one of these tablets, I strongly urge you to return it.

Fortunately, B&N has a holidays return policy which states that customers have until 31 January to return most merchandise (including Nook devices)  purchased between 14 November and 31 December.

So if you have that new tablet, and you still have the box and receipt, you can get a full refund.

Barnes & Noble was contacted for comment, but has yet to respond. I will update this post with their statement when it arrives.

eBook Evangelist

About Nate Hoffelder (10599 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader:"I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

9 Comments on Barnes & Noble’s New $50 Nook Tablet Ships with Bonus Malware

  1. Could you wipe the spyware off the Nook?

  2. If the tablet were fully secured, the answer would be no. By “fully secured,” I mean a locked bootloader and no exploitable flaws.

    However, the tablet ships with a VERY old flaw – CVE-2015-6616 is a bug in the Stagefright/Mediaserver system. It is possible to gain root through this flaw, then use root to erase the AdupsFota directories.

    Because CVE-2015-6616 is unpatched, the KingRoot application might be able to elevate your privilege and let you perform this surgery (but then you have to trust KingRoot).

  3. B&N, when it rains it pours. Their problem is they continue to try to short cut their way to profits instead of putting real, innovative work into it. Unfriendly user policy’s. 3 parties running Nook, the web page fiasco, now this.

    Then we have Amazon. They also scaled back on putting out high end tablets, but its still their own tablets. I don’t care for the new ones as I did the old ones but the experience is still Amazon. They need to get rid of Nook or start putting work into it.

  4. Is this just the $50 tablet or does it also effect the Samsung Galaxy Tab A?

  5. B&N pushed the firmware update to use the Google firmware OTA
    updater on Jan 8 2017. The Nook 7″ should now be free of any ADUPS
    software.

10 Trackbacks & Pingbacks

  1. The new Barnes&Noble Nooks come with free malware | Rami World Sync
  2. The new Barnes&Noble Nooks come with free malware | android planets
  3. The new Barnes & Noble Nooks come with free malware | Rami World Sync
  4. The new Barnes & Noble Nooks come with free malware – XUANDAIK
  5. The new Barnes & Noble Nooks come with free malware
  6. The new Barnes & Noble Nooks come with free malware | ReadNShare
  7. The new Barnes & Noble Nooks come with free malware – My Blog
  8. The new Barnes & Noble Nooks come with free malware | CubeNext
  9. The new Barnes & Noble Nooks come with free malware – Android News
  10. The new Barnes & Noble Nooks come with free malware – My Blog

Leave a comment

Your email address will not be published.


*


%d bloggers like this: