[ohashi]

How can someone detect if their phone has this backdoor installed?

[duked]

The thing is these are system apps so not easy to analyze unless you're root. What you can do is use observe your device traffic and see if any of these domains are pinged:

    bigdata.adups.com (primary)
    bigdata.adsunflower.com
    bigdata.adfuture.cn
    bigdata.advmob.cn

Then check the content of the POST request (usually to url/mobileupload.do )

[redwards510]

Sir, this is HN. You may assume we are root.