H L Data Storage Store Banner 970x90
Breaking News

Linksys Brings Best in Class WiFi Performance to the Home with New Series of Affordable WiFi 6 Mesh Solutions Micron announces upcoming availability of Crucial P3 Plus and Crucial P3 NVMe SSDs addlink Virtual Showcase 2022: AddGame SPIDER X5 DDR5 RGB Memory Line-up NVIDIA Adds Liquid-Cooled GPUs for Sustainable, Efficient Computing Asus introduces the world's first 500Hz monitor

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

US Government-funded Phones Come Pre-installed with Unremovable Malware: Malwarebytes

US Government-funded Phones Come Pre-installed with Unremovable Malware: Malwarebytes

Smartphones Jan 9,2020 0

Mobile phones offered to low-income families via a US government scheme come preloaded with Chinese malware, according to a security company Malwarebytes.

United States–funded mobile carrier Assurance Wireless, which is owned by Virgin Mobile, offers phones via the Lifeline Assistance program amd it selling a mobile device pre-installed with two malicious applications, Malwarebytes discovered.

Assurance Wireless offers the $35 UMX U686CL phone as their most budget conscious option.

Malwarebytes said it saw several complaints from users with a government-issued phone reporting that some of its pre-installed apps were malicious.

The security firm informed Assurance Wireless of its findings but says it never heard back.

The first questionable app found on the UMX U686CL poses as an updater named Wireless Update, an app capable of updating the mobile device (OS). Conversely, it is also capable of auto-installing apps without user consent.

Malwarebytes detects this app as Android/PUP.Riskware.Autoins.Fota.fbcvd, a detection name that should sound familiar to Malwarebytes for Android customers. That’s because the app is actually a variant of Adups, a China-based company caught collecting user data, creating backdoors for mobile devices and, yes, developing auto-installers.

From the moment you log into the mobile device, Wireless Update starts auto-installing apps. While the apps it installs are initially clean and free of malware, these apps are added to the device with zero notification or permission required from the user.

Another unremovable pre-installed malicious app found on the UMX U686CL phone is the mobile device’s own Settings app, which functions as a heavily-obfuscated malware detected by Malwarebytes as Android/Trojan.Dropper.Agent.UMX. Because the app serves as the dashboard from which settings are changed, removing it would leave the device unusable.

According to Malwarebytes, Android/Trojan.Dropper.Agent.UMX shares characteristics with two other variants of known mobile Trojan droppers.
The only difference between the two codes are their variable names. The more discernible variant of this malware uses Chinese characters for variable names. Therefore, Malwarebytes assumes the origin of this malware is China.

In addition to the malware being of Chinese origin, it’s noteworthy to mention that this UMX mobile device is made by a Chinese company as well.

Tags: Android malwareVirgin Mobile
Previous Post
Mark Zuckerberg Outlines Long-term Goals For The Decade
Next Post
First Look at Intel's DG1 Xe Discrete Graphics Card

Related Posts

  • Virgin Media Reports Data Incident

  • Google Play Store is Just Not Completely Safe Yet

  • Google Play Protect Removed Almost 2 Billion Malware Apps in 2019

  • Google Launches the App Defense Alliance to Fight Bad Apps

  • Android Dropper App Infects 45K Devices in Past 6 months

  • Millions Android Phones Infected With 'WhatsApp' Malware

  • Researchers Discover 2,000 Fake Apps on Google Play

  • Most Antimalware Security Apps Don't Detect All Android Threads

H L Data Storage Store Banner 300x600

 

Latest News

Linksys Brings Best in Class WiFi Performance to the Home with New Series of Affordable WiFi 6 Mesh Solutions
Enterprise & IT

Linksys Brings Best in Class WiFi Performance to the Home with New Series of Affordable WiFi 6 Mesh Solutions

Micron announces upcoming availability of Crucial P3 Plus and Crucial P3 NVMe SSDs
PC components

Micron announces upcoming availability of Crucial P3 Plus and Crucial P3 NVMe SSDs

addlink Virtual Showcase 2022: AddGame SPIDER X5 DDR5 RGB Memory Line-up
PC components

addlink Virtual Showcase 2022: AddGame SPIDER X5 DDR5 RGB Memory Line-up

NVIDIA Adds Liquid-Cooled GPUs for Sustainable, Efficient Computing
GPUs

NVIDIA Adds Liquid-Cooled GPUs for Sustainable, Efficient Computing

Asus introduces the world's first 500Hz monitor
Gaming

Asus introduces the world's first 500Hz monitor

Popular Reviews

CeBIT 2005

CeBIT 2005

CeBIT 2006

CeBIT 2006

Zidoo Z9S 4K Media Player review

Zidoo Z9S 4K Media Player review

LiteOn iHBS112 review

LiteOn iHBS112 review

Club3D HD3850

Club3D HD3850

Pioneer BDR-2207 (BDR-207M) BDXL burner review

Pioneer BDR-2207 (BDR-207M) BDXL burner review

External USB Slim Recorders Comparison

External USB Slim Recorders Comparison

Crucial P1 NVMe 1TB SSD review

Crucial P1 NVMe 1TB SSD review

  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed