Vulnerabilities / Threats
10/25/2013
11:06 AM
50%
50%

Chinese Antivirus Firm NQ Called 'Massive Fraud'

Mobile anti-malware software developer NQ Mobile denies charges that it inflates its market share and makes spyware.

9 Android Apps To Improve Security, Privacy
9 Android Apps To Improve Security, Privacy
(click image for larger view)
Is Chinese mobile security software vendor NQ Mobile "a massive fraud"?

That allegation was leveled in a report from research firm Muddy Waters, released Thursday, which labeled as "fictitious" 72% of the security company's reported 2012 income.

"Our research estimates that NQ's real market share in China is only about 1.5%, versus the approximately 55% it reports," the report said. "We estimate that its China paying user base is less than 250,000, versus the 6 million NQ claims."

Adding fuel to the fire, the Los Angeles-based research firm said "top-flight security software engineers" that it hired to review NQ Mobile's antivirus software reported that it posed an information security and privacy risk to users. "NQ's Antivirus 7.0 is unsafe for sale to consumers, and we consider it to be spyware that makes users' phones vulnerable to cyber attack," it said. "Phones are vulnerable to MITM [man-in-the-middle] attacks because NQ fails to adhere to basic security protocols."

[ Would you let LinkedIn scan your emails? Read LinkedIn Intro Service Triggers Security, Privacy Fears. ]

But NQ Mobile, which has dual headquarters in Beijing and China, strongly dismissed the allegations. "The company believes that the allegations and accusations set forth in the Muddy Waters report are false and inaccurate and contain numerous errors of facts, misleading speculations and malicious interpretations of events," said a statement the company released Friday. It included what the company said was a list of 14 major term deposits in cash, which it referenced "as confirmation of the strong foundations of our business."

NQ Mobile recently enjoyed a meteoric rise in its stock market fortunes, gaining 280% in value and trading alongside Netflix and Tesla, Forbes reported. But after the release of the Muddy Waters report, the company's stock market value plunged $500 million Thursday, and trading on the stock was halted several times that day.

Investors, in other words, appear to be heeding allegations contained in the Muddy Waters report, which labeled NQ's management team as being "sloppy, to the point of being comical, fraudsters." It also said that the company's cash balances haven't been verified by an auditor, concluding that "NQ's cash balances are highly likely to not exist."

The report added: "The one intelligent move NQ made to further its fraud is putting in place the veneer of U.S. management -- particularly 'Co-CEO' Omar Khan. Were Mr. Khan not fronting for NQ, we do not think that investors would have been so willing to overlook so many red flags."

According to the report, Khan, who isn't part of the Chinese entity of NQ Mobile's board of directors or management team, received a compensation package worth almost $100 million from NQ Mobile, "which is likely far more than he would have earned as a non-C level manager at Citigroup."

Muddy Waters is run by China-based expatriate Carson Block, who's made a career of short-selling companies -- often Chinese firms listed in U.S. exchanges -- for which he's accused of fraudulently inflating assets, revenue, market share or other key indicators of success. Short-selling refers to making stock market bets against companies, using borrowed shares, meaning that if Block criticizes a firm and the value of its shares tank, he stands to make a significant profit.

Block first made his name in 2011, when he accused Chinese forestry firm Sino-Forest of massaging its assets and revenue, triggering a $4 billion lawsuit again him. Block labeled the lawsuit as being "without merit." Sino-Forest ultimately filed for bankruptcy.

According to Bloomberg, Block singlehandedly erased $7 billion from Chinese companies' stock-market valuation between 2010 and 2012.

This isn't the first time that market watchers have accused NQ Mobile of massaging its market share. In December 2012, market researcher FJE Research questioned NQ Mobile's statement that it controlled 63% of China's mobile security market, saying that it believed rival Qihoo controlled at least 60%. It also said that download levels of NQ Mobile's security application via Chinese community site Sina and various app stores suggested the firm's market share was substantially lower.

In response, NQ Mobile released a statement saying that it "strongly rejects these allegations" and noted that the research firm "has admitted to holding a short position in the company." NQ Mobile added that it only acquired about 20% of its new users from app stores. "The rest are from working with a number of mobile ad networks to provide users with direct download from the company's server," it said. The company also said that about 20% of its new users came via mobile device manufacturers -- including Coolpad, Gionee, Hisense, Huawei, Motorola, Nokia, Samsung and ZTE -- who preinstalled its software on their mobile devices, and accused its critics of ignoring these channels.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7266
Published: 2015-02-01
Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for CVE-2...

CVE-2014-7269
Published: 2015-02-01
ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376....

CVE-2014-7270
Published: 2015-02-01
Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earl...

CVE-2014-8630
Published: 2015-02-01
Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shel...

CVE-2014-9200
Published: 2015-02-01
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X8...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.