Select Sony Xperia firmware appears to contain Baidu spyware

Are you running a Sony Xperia handset with KitKat firmware? Then you may want to check your internal storage for a folder called “Baidu”. It appears that certain Android 4.4.2 or 4.4.4 firmware contains this folder, which is part of the stock build. The folder cannot be deleted, even if you try it will reappear once again shortly after.

Strangely, the folder appears to be created by Sony’s “my Xperia” service each time a network connection is switched on. Unfortunately, unticking the app from Device Administrators does not solve the issue. Neither does starting the phone in Safe Mode. The only temporary workaround is to block the MyXperia app from starting by using an “adb shell” command.



What is quite concerning regarding this development, is that through this process, the phone is making several pings to Chinese servers. Yet, we don’t know what information is being communicated. Sony recently escalated this to its internal teams and recently outlined the following message on its support forum:

“This folder will be removed in future software updates for the phone. Until then I can only advise that you delete it manually after a reboot if you want to remove it. It’s safe to just delete it.”

This is obviously a very serious issue, we noticed the “Baidu” folder on both new Xperia Z3 and Xperia Z3 Compact handsets. Sony needs to communicate how this app appeared in the first place and to reveal what information is being gathered. At least, Sony has a fix on the way. As soon as we hear any more we’ll let you know.

Update: Sony has not responded to this and says there is nothing to be concerned. A full explanation can be found here.

A “baidu” folder appears in a number of stock Sony Xperia KitKat firmware builds

This folder is connected to Sony’s “my Xperia” location service and is regularly pinging with Chinese servers

Via Sony Mobile Talk, Reddit and Hacker News.

Thanks Gunnaro and Zeroforces!