Chinese Android phone maker hides secret backdoor on its devices

Gregg Keizer, ComputerWorld:

Chinese smartphone maker Coolpad has built an extensive "backdoor" into its Android devices that can track users, serve them unwanted advertisements and install unauthorized apps, a U.S. security firm alleged today.

In a research paper released today, Palo Alto Networks detailed its investigation of the backdoor, which it dubbed "CoolReaper."

This looks pretty bad. I'd certainly tell anyone I know to steer clear of Coolpad devices.

But something else in the article caught my eye. There's a line that says this backdoor is "more than the usual Android malware that has been planted on some smartphones at some point in the supply chain." Usual? Planted at some point in the supply chain? If that line is accurate, just how bad is Android's malware problem?