Jump to content

ES File Explorer Spyware?

werto165
By werto165
in Tech News
 Share
Posted

"The app in question is ES File Explorer, currently boasting some 300 million downloads in its Play Store listing. " 

"Little did I know that the app was also transmitting data back to a Chinese server at the same time." 

 

"Unknown Folder “baidu”

 
This all started with a thread on the Sony Xperia Care Forums that I came across last week. Honestly, the original idea for this post was to warn prospective Sony buyers about potential spyware in the My Xperia app. From that thread:
 
 
Read status and identity of your device
Make pictures and videos without your knowledge
Get your exact location
Read the contents of your USB memory
Read or edit accounts
Change security settings
Completely manage your network access
Couple with Bluetooth devices
Know what apps you are using
Prevent your device from entering sleep mode
Change audio settings
Change system settings
 
All of the above can potentially be monitored and managed remotely via internet WITHOUT YOUR KNOWLEDGE OR PERMISSION!"
 
"Baidu is the Chinese search giant that’s widely rumoured to have close ties with the PRC government. Hold that thought…" 
 
"Back to Baidu, I had noticed a file in the internal storage of my Nexus 5 called “baidu.cuid”. A bit of searching yielded a thread on XDA with other Nexus owners also in possession of this mystery file. The consensus seems to be that ES File Explorer is to blame. From that thread:" 
 
es-beijing-576x1024.png
 
"Again, I can’t say exactly what is being shared here, but the fact that an app with access to everything on my device and my home network is making a remote connection without my express consent is enough for me to stop using it. Immediately.
 
If you suspect that there may be spyware on your Android device then OS Monitor is your new best friend." 
 
Perhaps it's doing nothing, but why would it connect to the servers in Beijing? This all could be tin foil hat here but with the amount of spying happening without peoples knowledge, I wouldn't be surprised if this app was doing something fishy. I'm definitely deleting this app now. As the article said OS Monitor can be great for detecting apps that are doing something without your consent. 
 

CPU: Intel 3570 GPUs: Nvidia GTX 660Ti Case: Fractal design Define R4  Storage: 1TB WD Caviar Black & 240GB Hyper X 3k SSD Sound: Custom One Pros Keyboard: Ducky Shine 4 Mouse: Logitech G500

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I'm sure it's just for updates and other functionality. I mean what the hell does The PRC want with my porn?

Spoiler

Prometheus (Main Rig)

CPU-Z Verification

Laptop: 

Spoiler

Intel Core i3-5005U, 8GB RAM, Crucial MX 100 128GB, Touch-Screen, Intel 7260 WiFi/Bluetooth card.

 Phone:

Spoiler

TruPureX, Asus Zenwatch 3.

 Game Consoles:

Spoiler

Softmodded Fat PS2 w/ 80GB HDD, and a Dreamcast.

 

If you want my attention quote my post, or tag me. If you don't use PCPartPicker I will ignore your build.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author

I'm sure it's just for updates and other functionality. I mean what the hell does The PRC want with my porn?

Probably, but it does seem rather strange, I didn't use it that much anyway. So deleting it was a no brainer. Cyanogenmod has a great in built file manager anyway. 

CPU: Intel 3570 GPUs: Nvidia GTX 660Ti Case: Fractal design Define R4  Storage: 1TB WD Caviar Black & 240GB Hyper X 3k SSD Sound: Custom One Pros Keyboard: Ducky Shine 4 Mouse: Logitech G500

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Well I uninstalled just to be sure. I'm not a fan of the Chinese knowing all the things I do on my phone

"Great minds discuss ideas; average minds discuss events; small minds discuss people."

Main rig:

i7-4790 - 24GB RAM - GTX 970 - Samsung 840 240GB Evo - 2x 2TB Seagate. - 4 monitors - G710+ - G600 - Zalman Z9U3

Other devices

Oneplus One 64GB Sandstone

Surface Pro 3 - i7 - 256Gb

Surface RT

Server:

SuperMicro something - Xeon e3 1220 V2 - 12GB RAM - 16TB of Seagates 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

The baidu folder is real.

Also, the file is encoded pretty damn well.

It's base64 along with something else...

But it's only 89 bytes...

 

Also, my ES File Explorer connects to 2 servers in Sweden so and no China so...

i5 4670k @ 4.2GHz (Coolermaster Hyper 212 Evo); ASrock Z87 EXTREME4; 8GB Kingston HyperX Beast DDR3 RAM @ 2133MHz; Asus DirectCU GTX 560; Super Flower Golden King 550 Platinum PSU;1TB Seagate Barracuda;Corsair 200r case. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author

The baidu folder is real.

Also, the file is encoded pretty damn well.

It's base64 along with something else...

But it's only 89 bytes...

 

Also, my ES File Explorer connects to 2 servers in Sweden so and no China so...

Well I guess it depends on the device perhaps? 

CPU: Intel 3570 GPUs: Nvidia GTX 660Ti Case: Fractal design Define R4  Storage: 1TB WD Caviar Black & 240GB Hyper X 3k SSD Sound: Custom One Pros Keyboard: Ducky Shine 4 Mouse: Logitech G500

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Too bad ES File Explorer is basically the best File Explorer on Android... (Please tell me of some alternatives if you think they are worthy)

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Why does it even need to connect to a server anywhere? 

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Too bad ES File Explorer is basically the best File Explorer on Android... (Please tell me of some alternatives if you think they are worthy)

Solid Explorer is what I use and it has a great interface, good developer and a decent amount of features.

 

https://play.google.com/store/apps/details?id=pl.solidexplorer&hl=en

 

It's only a trial though so if you like it then you'd have to buy it.

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×