Another commenter reviewed decompiled code from the APK:<p>> I also did a quick passthrough of the decompiled code. There is logic there to upload log files and send phone information (IMEI, MAC, AndroidID, SerialNo). What's really nice is that most of their APIs use HTTP, not HTTPS!<p><a href="https://www.reddit.com/r/Android/comments/ektg8u/chinese_spyware_preinstalled_on_all_samsung/fddq5ib/" rel="nofollow">https://www.reddit.com/r/Android/comments/ektg8u/chinese_spy...</a>
Unless you can catch it sending sensitive information it could just be jet another normal crapware doing crapware things (some telemetry, bloaty updates etc.) but nothing truly malicious, no?