In Xiaomi's case, it was MIUI Cloud Messaging service which was set to auto...but then made into an opt-in service. http://blog.gsmarena.com/regarding-xiaomi-data-leaking-controversy-editorial/ http://v3.co.uk/v3-uk/news/2359714/...hone-firm-xiaomi-caught-collecting-users-data Hugo Barra's post: https://plus.google.com/app/basic/stream/z12pinqioq2ltvrqj04cczrooo3uj5zi1jc Coolpad and Coolreaper backdoor is a different thing altogether. This one is much more similar to the Star N9500 (Samsung S4 clone) malware discovery.