Select Sony Xperia firmware appears to contain Baidu spyware

by XB on 28th October 2014


Are you running a Sony Xperia handset with KitKat firmware? Then you may want to check your internal storage for a folder called “Baidu”. It appears that certain Android 4.4.2 or 4.4.4 firmware contains this folder, which is part of the stock build. The folder cannot be deleted for good: even if you remove it, it reappears shortly afterwards.

Strangely, the folder appears to be created by Sony’s “my Xperia” service each time a network connection is switched on. Unfortunately, unticking the app from Device Administrators does not solve the issue. Neither does starting the phone in Safe Mode. The only temporary workaround is to block the MyXperia app from starting by using an “adb shell” command.

What is quite concerning about this development is that, through this process, the phone is making several pings to Chinese servers, yet we don’t know what information is being communicated. Sony recently escalated this to its internal teams and posted the following message on its support forum:

This folder will be removed in future software updates for the phone. Until then I can only advise that you delete it manually after a reboot if you want to remove it. It’s safe to just delete it.

This is obviously a very serious issue. We noticed the “Baidu” folder on both new Xperia Z3 and Xperia Z3 Compact handsets. Sony needs to communicate how this app appeared in the first place and reveal what information is being gathered. At least Sony has a fix on the way. As soon as we hear any more we’ll let you know.

Update: Sony has now responded to this and says there is nothing to be concerned about. A full explanation can be found here.

A “baidu” folder appears in a number of stock Sony Xperia KitKat firmware builds


This folder is connected to Sony’s “my Xperia” location service, which is regularly pinging Chinese servers


Via Sony Mobile Talk, Reddit and Hacker News.

Thanks Gunnaro and Zeroforces!

  • Jerry Berglund

    This isn’t good? My Xperia Z1 Compact also has this catalog and it’s also 4.4.4 KitKat.

  • Ali Alkhazal

    My Z2 also has it. I don’t care about it anyway; my phone has very little information about me. I deleted it though.

  • apolloa

    Most likely the Chinese government agencies trying to spy on people, and I am not even joking; everyone spies on everyone these days, unfortunately.

  • Guest

    fucking hell!! with those damn intruders on my Z2!!! thanks xperiablog!

  • wei

    we need to set up a list of countries.

    What I can contribute after checking:

    Does not have the “baidu” folder
    Singapore Z1 Compact on 4.4.4
    Singapore Z3 Tablet on 4.4.2
    Hong Kong ZR on 4.2.2 (i.e. not KitKat)

    Does have the “baidu” folder (!!!!)
    Malaysia ZR on 4.4.4
    Hong Kong Z3 Dual on 4.4.4
    Hong Kong ZR on 4.4.4

  • wei

    correction, that’s “Singapore Z2 Tablet”, not Z3 tablet. no “Baidu” folder.

  • Guest

    Fucking hell with those damn intruders!!!

  • Bob

    I actually noticed this ages ago on my rooted GS3 running CM11, so it’s not just on Sony devices

  • Kabuto Kouji

    fucking hell with those damn intruders!!!

  • Micro

    Having the Facebook installed and concerning about privacy because of several pings to China

  • Bur

    It’s not spyware, it is for a Chinese search engine, but why it’s on (most) Android phones I dunno

  • Ulla

    My xZ have it. Sweden.

  • QBerto

    My SP running stock 4.3 latest build has that folder too… wth Sony D:
    Obviously I’ll not have a firmware update to fix it, so what am I supposed to do now?

  • Bur

    Okay, I deleted it, and now Facebook isn’t working via browser?

  • but china doesn’t block facebook?

  • Guest

    Update: I cleared browser history and cache, now it’s fixed

  • timothy chan

    it’s created by a bunch of apps like ES File Explorer (which I have) and WeChat using Baidu’s SDK or whatever.

  • Bur

    I don’t even live in China, I live in the Netherlands; as soon as the Baidu folder came back my FB was working again….

  • -l-eMn-l-

    My M2 has a Baidu folder… Hope we receive an update. :(

  • Lytros

    Using Z1 4.4.4 in Portugal – no Baidu folder

  • ivo

    M2 with 4.4.2 also

  • Rammstone

    Mindblowing. I have the folder on Xperia Z 4.4.4. Why are they saying we can delete it after reboot when it just comes back?

  • M Usman

    maybe the Chinese are looking to recruit secret agents and the best way to do it is because they know the smartest people only opt for an Xperia Device ;) the paranoia is insane haha

  • M Usman

    anyways just checked, my Z2 does not contain this folder :)

  • M Usman

    Panic? lol don’t do anything. you’re safe. you won’t get abducted by the Chinese

  • Faisal Armand

    Thank God my Z2 doesn’t have it

  • Black.Side

    My Z2 doesn’t have it



  • Xperian

    Z2 build .213 MEA has it

  • chunkybeats

    I just rebooted my 4.4.4 running Xperia Z and deleted it straight away. Baidu folder has disappeared. Hopefully for now!

  • gunboat_d

    Except you elect to send your data to FB and its partners. Are people being given the option to opt out of sending data (what kind of data?) to a company they have not signed up for?

  • Micro

    you missed the point
    once you can browse your FB friend wall without the FB having access to your SMS messages, let me know, I would love to opt out of this one.
    FB basically has full unlimited access to everything in your phone and it’s ok, but several pings to China and one more folder on your phone is such a problem.
    There is a word for that – paranoia

  • xperiaDROID

    My Xperia Z has this, but I don’t really mind about that, I’m not a celebrity with a bunch of nude pictures. Besides, they’re just doing their job, Google is also spying us anyways. Baidu and Google are search engines, so that’s normal.

  • xperiaDROID

    Use your magic, Snape!

  • Lex

    Also present on Xperia P 4.1.2 Stock

  • poenyaku

    Using Link2SD on a rooted ZR running stock 4.4.4, I just froze “my xperia” and the Baidu folder never appears again

  • QBerto

    Well.. no, but actually that thing can explain that abnormal data usage in XperiaHome and AndroidOS apps (not so much, about 10MB each, but strange)…. I deleted it and tomorrow I’ll see what happens; until now the folder has not appeared again

  • poenyaku

    Indonesia ZR on 4.4.4 does have baidu folder

  • Md Olyullah Akand

    I think it comes with CM- Clean Master App.

  • Gav

    No different to all the other info given to google. Are we simply worried because it is Chinese?!?

  • gtop

    adb shell pm block

    Done – myXperia disappears from Device Admins, no longer keeps open connection to chinese servers, and the baidu folder won’t be recreated.

  • Willian Quah

    My Z1 internal storage doesn’t have it, but it appears on my SD card

  • Ninjas

    reading through the comment made me giggle. Have a nice day everyone

  • guest

    I had a folder called digest that kept coming up on my phone; just deleted myxperia.apk and now it has gone

  • EB

    This is not good. I can put up with buggy software updates and faulty hardware from Sony but this is something else. I hope this is not specific to Sony. Maybe Google is banned in China so they have to default to Baidu for users in China. You have heard about Xiaomi handsets sending data back to Beijing.

    Being in Hong Kong you can see closely what China is like. I am not comfortable with my data being sent back to a country that has no rule of law or respect for human rights.

    Folders duly deleted.

  • sushil

    I don’t have it on my Z1 Compact

  • Rifqi Al Fariz

    Wait til 4.4.4 strikes your z2

  • WaiSieLei

    4.4.4 — read it aloud in Chinese and it means “die die die” – just saying :)

  • Guest

    i guess some chinese spy masquerading as sony employee. fuck china!!

  • Singh Noni

    I have it in my Z but not on Z1 compact. The Z1 compact battery lasts longer and now I know why

  • SSyar

    That’s why I root first, remove bloatware second, don’t use myXperia third

  • Vuyo Ncube

    Not on my Z1 (South Africa).

  • Eduardo Otero

    Who told you you won’t have an update to fix that???
    What you won’t have is a new version of Android (4.4.2)

  • James

    I had this folder on the 10.5.1A.0283 (android 4.4.4) firmware for the Xperia Z. Time to add some more servers to my hosts file

  • Raj Singh

    Don’t see it on my Z Ultra…


  • shawwawa

    Does have the “baidu” folder

    Taiwan ZR on 4.4.4

    Taiwan Z3 Compact on 4.4.4

  • Amit Pharande

    Not only stock Sony KitKat firmware… even Legacy Xperia CM11 4.4.4 for Xperia 2011 devices has this folder inside the firmware. Check the image below. #FuckChina

  • TimmY

    This “fixed” for me.

  • Sam

    E3 also has this folder.

  • lasttodie

    Greetings from Norway, this folder is not on my Z2 but a friend’s Z3 has it.

  • Ibrahim Yusuf

    My Z1 Compact has this folder too.

  • SauSony

    I see this folder on Z1C with Android 4.3 too.

  • Mark Barrios

    my Nexus 5 on stock Kitkat 4.4.4 also has this folder. My GNex on CM 11 however does not have it.

  • tsc

    What for an app is that on the screenshots which shows the established connections?

  • Dmitry Perets

    Awesome. Somebody found a folder called “Baidu” on Xperia, figured out that Baidu is from China, even noticed some connection to China and made an instant intelligent guess that it was a spyware pre-installed on Sony devices. Because whatever connects to China is obviously a spyware! If it would connect to US, it would be OK, even without checking the owner of the IP. But China? Of course it is a spyware!

    Of course, it doesn’t matter that this folder was later found on some HTC One M7, Nexus 5, Samsung Galaxy SIII etc. If you search Google for “Baidu spyware” now, you see immediately that Sony – and only Sony – pre-installs spyware on their handsets.

    Of course, it also doesn’t matter that Baidu offers all kinds of services, and probably the myXperia feature is just using its SDK (just like many others do). Nobody anywhere has provided any technical details proving that this connection is used for spyware. The only clue is that it is Chinese. Still, everybody knows now that Sony cooperates with Chinese spies!

    No investigation, no technical details, nothing. Such a cool example of this idiotic hysteria about privacy, caused by the fact that people think they are more important than they really are! It is just a bit sad that this time it will hit Sony sales, probably for no reason…

  • mohammed sibin

    Oh my god!!!!

  • matilda

    Nothing on Z ultra :)

  • silverbios

    After deleting this folder, many apps connect to this IP!!!
    SX ZL 4.4.4

  • roeshak

    Not on my z2 so happy days lol!

  • osin17

    I checked on my Z phone; the last modified date of the files in the Baidu folder is 10/09/2014. It seems that this file was initialized during my KitKat update, nothing more. But I don’t know what kind of information is in these database files.

  • Mohammed Khired

    i have this folder in my xperia tx with jelly bean 4.3….

  • jonny

    It’s China, that’s why. They suck

  • FooVoyager

    Probably some Qualcomm interface stuff. According to Wikipedia:

    “On November 18, 2012, Baidu announced that they would be partnering with Qualcomm to offer free cloud storage to Android users with Snapdragon processors.”

    That’s probably why other Android distros also have this. As a side note, I don’t have this folder on my Z1 Compact running 4.4.4.

  • Doubleyoupee

    Got it as well on my C6503 Xperia ZL :S

  • Barack Obama

    Oh no, hells gonna break loose, the Chinese will take over the world starting with our smartphones, we’re all doomed!


  • Felix

    For me too. But the creating date is a month old, so maybe it’s some app that I recently uninstalled.

  • Guest

    My Z3C has it too,but my Z1C does not,both 4.4.4

  • Han Setiawan

    Yes, it’s totally annoying. It seems to appear on my Xperia Z as well

  • dui

    What app you use to analyze connection?

  • wamps

    I’m not defending FB here, but at least you can decide to install or not install FB at all. But this thing that we never installed and cannot delete secretly sending info to China is totally wrong. It’s not “paranoia”; I will call it an “option”

  • Panyawat Boonyarit

    Fuck Bitch

  • Micro

    I get it buddy, I do. But let’s assume that Baidu is a search engine company, just like Google (more or less it is).
    Can we opt out of Google like that? Of course not. Do we really know what information is being transmitted all the time? Especially through “google services”? I guess not. Are we sure that never to China (or Zimbabwe, or Russia if it makes any difference where the data center is)? Hell no. There is no such option to opt out too, but it’s still ok, right…? ;) The same thing applies to FB. I will never know who looks at my call list or SMS messages. Or where.

    IMO – Sure, you can uninstall fb, you can uninstall google services (and this is the one causing the real trouble if you try). So you can uninstall My Xperia (supposed to find your lost phone using location services in the first place, so I guess this is just what it does).

  • Micro

    Hi Fuck Bitch, welcome to the blog, nice to meet you. We appreciate your efforts to post such constructive comments.

  • quux

    Baidu map service would be a good assumption. Because Google Maps is banned in China, this seems to be a good practice to avoid two versions of My Xperia. If it were spyware, an alert or something would have been issued by Sony.

  • quux

    UPDATE: After some observations on my Xperia devices running CM11, these folders should partly be the byproducts of Baidu push service. The reason, again, is that Google Cloud Messaging is banned in China, so any app which utilizes a push service will need an alternative solution in China, and Baidu push service is such a solution. My Xperia definitely needs a push service, and we may assume that many popular apps have made some use of Baidu push service at some point. So it’s not odd if you got this Baidu folder on your Android.


  • luqman_98

    I uninstalled myXperia app right after I rooted my Xperia :)

  • Ibrahim Yusuf

    maybe you didn’t register your Z1C with my Xperia

  • Not on my Xperia M

  • FredrikAn

    It’s not only Xperia devices. I guess there is some app creating it. ES File Explorer have been mentioned.

  • Sharath

    Not just in Sony devices, it’s even present in my Nexus 5.

  • Name

    just leave poor CHina alone, please

  • XperiaBlog

    We have been pointed to this possible explanation, over from the OPO forums.

    “Baidu is basically Chinese Google. The Chinese government has control over censorship in the country. These two individual facts do not mean your data is being harvested. For those that are paranoid beyond my reasoning, I’ll provide instructions to block this without root at the end of the post. For everyone else, please read on.

    Currently people are getting excited about the fact that the Z3/Z3c are pinging a server in China and creating a Baidu folder in the internal storage which contains a rather large database of information. This was discovered to be caused by the myXperia app. The service begins pinging the server as soon as the network connection returns a “true” state (meaning connected). This is when the Baidu folder is created, even if you deleted it previously.

    The myXperia service provides you with various features specific to your device. One of those is remote wipe functionality. In order to do this, the service needs to maintain a rather frequent check in to the home server to verify location data and device state among other things. This needs to happen even if the device is factory reset, since it sends a unique device identifier to the server to validate against any known devices reported stolen. Factory resetting your device would otherwise prevent the thief from being discovered and would render the service nearly useless. This is why it runs all the time.

    The problem most people have is that the servers Sony are using happen to be in China for two obvious reasons. One reason is the low cost. I don’t think further explanation is needed here. The other reason would be to ensure that Chinese citizens can still use the service as well, since this sort of service must be hosted in the Chinese mainland for them to have access to it under Chinese law. This is for censorship purposes.

    Another issue people have with this is that the service runs at boot time even if you don’t enable the myXperia service. This happens for the reason I listed before. If the device is factory reset and it doesn’t phone home, then the thief simply gets away with it. This prevents that from happening as best as can be helped by running from the time of initial setup.

    Perhaps the choice of monitoring partner was poor, but there seem to be valid reasons beyond “OMG SONY WANTS MY TIN FOIL HAT”. Perhaps there is a bit of truth to that, but I doubt that this is malicious or anything more than a misunderstanding by the general public.”

    So, with all that in mind, do you still wish to allow this service to run on your device? If not, here’s how you prevent it from giving you any more headaches.

    1) Go ahead and backup anything you need and factory reset.

    2) Remove your SIM card before powering back up.

    3) Skip through the initial setup options without connecting to a network.

    4) Open up Settings > Apps > Running and Force Close the two myXperia apps.

    5) Use the File Commander app and delete the Baidu folder from the internal storage.

    6) Open up Settings > About Phone > Tap the Build Number 7 times to enable developer mode.

    7) Enable USB debugging in the Developer Settings.

    8) Plug the Z3/Z3c into your PC and open up a command window with adb.

    9) Enter the following lines into the command window.

    adb shell
    pm block

  • English DefenceLeague

    What next North Korea?


  • Quang

    Let me ask, what is application to check the connection in this article?

  • Jumbo

    Well said, you have me following you German Shepard! (From your avatar if I’m not mistaken)

  • Anton Pham

    Google is banned in China, so the alternative is Baidu for Maps, Analytics, Youtube/Youku, Search etc.

  • joe

    I have 4.4.4 on my Z1 Compact and there is no folder with that name

  • putte40

    Have it on my z3c, recreates itself….

  • Rifqi Al Fariz

    loool :D

  • spuhunter

    It is on the Z Tablets as well.

  • gtop

    The problem with this is that Sony doesn’t provide a way to opt out of this at all. I’m happy to stick only with Google’s solution here, but I can’t. No, I don’t want to maintain a constant connection to servers in Beijing. I shouldn’t have to explain why to anyone, least of all Sony – it’s my phone after all, not Sony’s! No, unchecking the My Xperia options or disabling it as device administrator doesn’t do anything about this, which it absolutely should.

  • thoughts

    Never seen it on my xperia smartphones (x10, s, sp, z1) more trust in baidu, usa i hate, nsa i hate, google is their user data greedy companion, made in china seems more trustworthy than made in usa, ask snowden and putin.

  • azzido

    Fortunately I do not have it on my Z2. I will quit buying Sony phones if I hear again about spying me from this company! Who knows, maybe Sony just hired any chinese company to create myXperia app and maybe wanted this spy as well, or maybe chinese devs just added it on their own, who knows! We simply do not want this shit!

  • robertkoa

    I don’t know….seemed like last time I Chinese Food the Fortune Cookies were staring at me….

    Are they supposed to have antennas ?

  • Guys for the record I had the folder in my Moto G2. Deleted it, waiting to see more reactions to it.

  • Vasilis K.

    They’re sending data to aliens who are about to invade Earth!

  • Muhd Faezin (Tiago – Rio 2)

    lol :D

  • AngryPanda

    Those aren’t JUST pings. They’re established TCP sessions on port 5287. Something is being transmitted and received in that session. If only we knew what…
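
One way to check a device for the sessions described in the comment above, as an added example that is not part of the original post or its comments: a parser for the Linux kernel's /proc/net/tcp table that lists ESTABLISHED connections to remote port 5287 together with the owning UID. The sample table, its addresses and its UIDs are constructed, and a little-endian device is assumed.

```python
import socket
import struct

# State codes from the Linux kernel's TCP state enum, as printed in /proc/net/tcp.
TCP_STATES = {"01": "ESTABLISHED", "02": "SYN_SENT", "06": "TIME_WAIT", "0A": "LISTEN"}

# Android gives installed apps UIDs from 10000 upward; lower UIDs are system.
FIRST_APP_UID = 10000

# Constructed sample in the format of `adb shell cat /proc/net/tcp`.
# Addresses come from documentation ranges (RFC 5737); UIDs are made up.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 4711 1 0000000000000000 100 0 0 10 0
   1: 6400A8C0:B2F4 0A7100CB:14A7 01 00000000:00000000 02:000005DC 00000000 10087        0 9120 2 0000000000000000 24 4 30 10 -1
   2: 6400A8C0:9C40 2A6433C6:01BB 01 00000000:00000000 02:000001F4 00000000 10054        0 9133 2 0000000000000000 22 4 28 10 -1
   3: 6400A8C0:A1B2 0B7100CB:14A7 06 00000000:00000000 03:00000A10 00000000     0        0 0 3 0000000000000000
"""


def decode_endpoint(field):
    """Turn '0A7100CB:14A7' into ('203.0.113.10', 5287)."""
    hex_ip, hex_port = field.split(":")
    # The kernel prints the IPv4 address as a host-order 32-bit word, so on a
    # little-endian CPU (assumed here) the address bytes appear reversed.
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def parse_proc_net_tcp(text):
    """Return one dict per socket row: local, remote, state and owning UID."""
    rows = []
    for line in text.splitlines():
        cols = line.split()
        # Data rows start with a slot number such as '12:'; skip header and blanks.
        if len(cols) < 10 or not cols[0].rstrip(":").isdigit():
            continue
        rows.append({
            "local": decode_endpoint(cols[1]),
            "remote": decode_endpoint(cols[2]),
            "state": TCP_STATES.get(cols[3], cols[3]),
            "uid": int(cols[7]),
        })
    return rows


def sessions_to_port(text, port=5287):
    """Keep only ESTABLISHED sessions whose remote port matches."""
    return [r for r in parse_proc_net_tcp(text)
            if r["state"] == "ESTABLISHED" and r["remote"][1] == port]


if __name__ == "__main__":
    for r in sessions_to_port(SAMPLE):
        kind = "app" if r["uid"] >= FIRST_APP_UID else "system"
        print("%s:%d -> %s:%d uid=%d (%s)"
              % (r["local"] + r["remote"] + (r["uid"], kind)))
```

On a device the same table is read with `adb shell cat /proc/net/tcp`; sockets opened through the IPv6 stack are listed in /proc/net/tcp6, whose wider address fields this block does not parse.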

  • AngryPanda

    I would if they’d leave me alone as well.

  • Maxx Tan

    Dear mod, you should just post this as a separate article. Most of those that read this article are already going monkeys & shittin’ bananas about it and they’re probably not reading this comment from you.

  • BooBaidu

    Baidu is on my phone. I delete it and it comes back. Like Michael Myers on Halloween.

  • NameBroke-en

    Do thing that one no play phone Xperia not is?

  • Sucks

    Singapore Z3 Has =.=

  • b100

    chinese are everywhere…this news must needed to be spread…

  • b100

    but i had it and now it’s no more…

  • Damo Conti

    Z1 4.4.4 AU Optus FW: no Baidu folder, but got a digest folder; looks like security keys or something. They’re associated with Sony Reader. Hope Chinese spies haven’t done this

  • b100

    not until THEY leave us…

  • b100

    i had it but now it’s no more

  • b100

    ya f… chinese

  • b100

    And it’ll cont.. until u disable my xperia

  • b100

    yup until we defend it

  • b100

    root and disable my xperia

  • Xeoros

    I’m pefer firmware 4.4.4 too. but i don’t have baidu folder. i play myxperia & reboot my phone but baidu folder still not appear on my phone :)

  • Guest

    forgot to attach my pic :P


  • Bunny

    hi guys, seems like my HTC One E8 also has this baidu fackers!

  • Dean

    It’s not on my Z2 :)


  • luqman_98

    Can you buy me a Xperia Z3 Compact? :P

  • Rash

    I removed the My Xperia app, deleted the Baidu folder and rebooted the Sony Z, and the folder was still there, but the connection to the Chinese server was made by a calculator app I downloaded from Google Play, so I uninstalled this app, deleted the Baidu folder, rebooted, and it was gone, with no connection to Chinese servers.

  • Loizos Aristides

    It’s the file manager…ES file explorer uses BAIDU too..
    Sp00ky :o


  • Krishna Krish

    Lol, “omg, Sony wants my tin foil

  • Vader_MIB

    Noticed it at first glance today when uploading stuff to my phone. I deleted it but did not know that it would come back. And I was not happy to find it. If I had bought the phone on the internet, I would have sent it back for that. This is for me a very serious issue and I hate that.

    It’s not about having things to hide to the Chinese, it’s about not knowing that this is happening and not being able to disable this.


  • jorik_fr

    I have this process on my French Z3 Compact. I would like to call Sony and yell at them… for what result? I chose to block this process “my xperia” with a firewall. I think it’s enough.
    Anyway, China, multinational groups, or anything else are evil. What can we do?

  • 09nj

    I have an Xperia SP (4.3) and it too has this folder

  • killertact

    The Chinese and American government are working together.

  • slick

    lmfao…well said!


  • DethEngineer

    I have an Xperia S with Jelly Bean and I have that Baidu file

  • DethEngineer

    I get your point, but when you install FB you grant access to read and send all the data. This is different because you haven’t authorized the service to send the data

  • Micro

    Well, technically it’s pre-installed so you have to agree to the terms of use before it sends anything (before you start using it, and yes, they mention such data sharing in the privacy policy). But point me out one single person who actually has read it ;)

  • DethEngineer

    You are right, if it has something written about this…


  • Sal3m

    which app is that used of ping?

  • Paul M

    having rooted my phone, I removed the facebook app entirely, and only use it through mobile web so it can’t mine my phone for interesting data.

    It’s scary how much it wants… I started and cancelled the install process on Google Play and it wanted so many privileges it might as well have asked for root, seriously! I didn’t actually do the install of course, I just wanted to see.

  • Paul M

    FB app is preinstalled, so you have no idea what data it might mine and send whether or not you actually put your facebook ID into the app’s setup.


  • a.hamameh

    No need for all that,
    I tried to remove that folder using my PC and it disappeared for now.
    My device is Xperia Z2 official, no root,with locked bootloader
    And I found this folder on Xperia Arc S with Cyanogenmod mod and on Samsung Galaxy S5 too.


  • Azam

    I bought an Xperia Z2 Last week, Activated myXperia right away and still no issues, no Baidu folder, nothing. I updated the firmware, rooted and installed fb, whatsapp, viber and other messengers and games. No Baidu. :-) Which means may be myXperia not causing the baidu issue.

  • Azam

    Got a myXperia Update today with the build number 0.0.A.0.71..


  • Fahmi Haidar Zaki

    fucking Chinese
    die you bitches

    for you sony, don’t assembly your product at China

  • jordi

    On a Sony Xperia T3; it is new, not rooted or flashed
