It turns out that a malicious application that seems to be made in China was pre-installed on smartphones distributed free by the government


by

Blogtrepreneur

Malwarebytes , a security company, reported that smartphones distributed free of charge to the low-income class by the U.S. government had ' pre-installed malicious apps that appear to be made in China.'

United States government-funded phones come pre-installed with unremovable malware | Malwarebytes Labs
https://blog.malwarebytes.com/android/2020/01/united-states-government-funded-phones-come-pre-installed-with-unremovable-malware/


US Government-funded Android phones come preinstalled with unremovable malware | Ars Technica
https://arstechnica.com/information-technology/2020/01/us-government-funded-android-phones-come-preinstalled-with-unremovable-malware/


The pre-install of malicious apps was reported on the Android smartphone Unimax U683CL . The Unimax U683CL is an Android smartphone provided by mobile communication provider Vergin Mobile USA as part of the ' Lifeline Assistance ' program, which provides free or low-cost communication services for low-income households by the US government.



According to Malwarebytes, a report was sent in October 2019 that a malicious application was pre-installed on smartphones distributed by the government. So Malwarebytes actually purchased Unimax U683CL and confirmed the contents.

Then, an update application called 'Wireless Update' pre-installed on Unimax U683CL was detected as a variant of Android / PUP.Riskware.Autoins.Fota discovered in 2017. This app is used to update the Android OS of Unimax U683CL, and has been given permission to automatically install the app without user consent. Malwarebytes tests confirmed that the apps installed by Wirelessss Update were harmless, but Malwarebytes points out that if Wireless Update is updated in the future, malware may be installed. You.



Malwarebytes also reported that a Trojan named 'Android / Trojan.Dropper.Agent.UMX' was found on Unimax U683CL. This Android / Trojan.Dropper.Agent.UMX is an application related to changing the device settings, and if you delete it, the device becomes unusable, so uninstallation is virtually impossible. This Android / Trojan.Dropper.Agent.UMX also seems to install apps and ads that run in the background without the user's permission.

A review of the source code for Android / Trojan.Dropper.Agent.UMX revealed that Kanji was used in the variable name, and Malwarebytes estimates that the malware was made in China. Malwarebytes noted that the discovery of malicious pre-installed apps on smartphones that can be purchased through government-funded programs could further restrict app developers.



Technology media Ars Technica asked Sprint, the parent company of Vergin Mobile USA, about this matter, and a spokeswoman for Sprint said, 'We are aware of this problem and will understand the root cause. We have contacted the manufacturer Unimax for this, and believe that the application in question is not malware. '

in Mobile,   Software,   Security, Posted by log1i_yk