Tech

Walmart pulls children’s tablet after researcher finds malware exposing kids’ data

Rebecca Hills-Duty
Dragon Touch children's tabletAmazon, Pexels

A security researcher raised the alarm when traces of dangerous malware were found on a DragonTouch tablet marketed to children.

A child receiving a tablet or smartphone for their birthday is hardly an uncommon occurrence in the modern day, but security researcher Alexis Hancock quickly found she had cause for concern when she examined her daughter’s Dragon Touch KidZPad Y88X.

Hancock works for the Electronic Frontier Foundation, and so had plenty of familiarity with modern tech products, and yet she had never heard of Dragon Touch, the device’s manufacturer.

Upon further inspection, she discovered a range of security and privacy concerns, including traces of a Malware called Corejava, which Malware Bytes confirmed was malicious early this year.

Outdated Android and data-collecting app store

The tablet also runs on a version of Android which is five years out of date, and has a custom app store designed specifically for children called KIDOZ which is similarly outdated and subject to security holes.

This app store collects a host of information, including device model, brand, country, timezone, screen size, view events, click events, logtime of events, and a unique KID ID. This data is then sent to a site called ‘kidoz.net’.

Kodoz app store logoKidoz.net

The software pre-loaded onto the tablet is similarly problematic, as it included Adups, a program that has likewise been classified as malware for its potential to download and install other malicious software without any user intervention.

These privacy and security concerns were reported to Amazon, Google, and Walmart. While Amazon and Google said that they were investigating claims and would take appropriate action if needed, Walmart promptly pulled the product from store shelves pending a full investigation.

Walmart spokesperson John Forrest Ales said in an email to TechCrunch:

“We have removed this third-party item from our site while our Trust and Safety conducts a review.

“Like other major online retailers, we operate an online marketplace that allows outside third-party sellers to offer merchandise to customers through our eCommerce platform.

“We expect these items to be safe, reliable, and compliant with our standards and all legal requirements. Items that are identified to not meet these standards or requirements will be promptly removed from the website and remain blocked.”

Hancock and TechCrunch attempted to contact Dragon Touch for a comment, but so far have not received a reply.

About The Author

Rebecca Hills-Duty

Rebecca is a Tech Writer at Dexerto, specializing in PC components, VR, AMD, Nvidia and Intel. She has previously written for UploadVR and The Escapist, hosts a weekly show on RadioSEGA and has an obsession with retro gaming. Get in touch at rebecca.hillsduty@dexerto.com

keep reading
The Windows 11 'Bloom' wallpaper on the screen of a Nintendo Switch.
Tech
Modder runs Windows 11 on Nintendo Switch but it’s a disaster
Rosalie Newcombe
Google Play edition
Tech
Now is the perfect time for Google to bring back Play edition phones
Jitendra Soni
Discord promotional splash art
Tech
Discord is allegedly assigning gender to users with machine learning AI
Anurag Singh
Rumble logo and Google
Tech
YouTube rival Rumble sues “evil” Google for $1 billion in damages
Meera Jacka

Subscribe to our newsletter for the latest updates on Esports, Gaming and more.