‘Lifeline Assistance’ Smartphones Come with Malware Pre-Installed

  • Smartphone devices distributed by a U.S. government program come with malware installed by default.
  • The malware can fetch and install any application it wants without the user ever being notified or asked.
  • The particular malware cannot be removed from the phone, as it is part of the “Settings” application.

The “Lifeline Assistance” program in the U.S. is a government-funded initiative carried through the FCC, aiming to provide a means of communication for low-income consumers. Through this program, subscribers can enjoy a discounted telecommunications service, affordable broadband internet access, and a cheap but capable device. This is where the problems begin, as Malwarebytes reports that they have discovered an unremovable piece of malware that comes pre-installed on the program’s phones. The security company has actually followed user reports and bought a UMX U686CL device to check the validity of their claims. Unfortunately, they are now confirming the fears about the existence of malware in these inexpensive phones.

detection
Source: Malwarebytes Blog

The company is now publishing the details of their findings after allowing the program’s representatives plenty of time to respond and explain, something that they have failed to do. So, the malware app is “Wireless Update”, and as the name suggests this is the app that is used for the fetching of important updates on the device. The particular tool has the permissions required to fetch and install anything without needing the user’s approval or consent. Upon further investigation, Malwarebytes figured that this app is basically just a variant of Adups, a known Chinese data collecting malware.

The researchers monitored the activity of “Wireless Update” and reviewed the additional apps that it downloaded and installed on the device. From what they could deduce, none of the fetched apps were malicious, but they were all installed on the device without displaying any notifications to the user. This means that the app could very easily fetch malicious payloads and there would be nothing to stand on its way. The best part is that this malware app is indispensable to the device’s Settings, and it can’t be removed. If it’s removed by force, the phone will be rendered unusable.

UMX_Made
Source: Malwarebytes Blog

The UMX device doesn’t only contain Chinese malware, but it is also made in China. Whether or not the makers of the hardware know, or are involved in the planting of the malware app is unknown, but this could be the case. This goes to show that the FCC should be more careful with how they source the hardware and software for their programs, as they straight out introduced privacy and security risks for thousands of lower-income citizens in the United States. Pre-installed unremovable malware is becoming a common problem for many phones out there, and it’s something that doesn’t concern only the inexpensive devices that are less vigorously tested anyway. Just yesterday, we reported a similar story about Samsung phones, involving Chinese spyware that users can’t remove.

REVIEW OVERVIEW

Recent Articles

Multiple Flaws in Apache Guacamole Leave Sour Taste for Corporate Networks

Check Point warns about an exploit chain leading “full network control” attack against corporate networks. The discovered flaws concern the FreeRDP 2.0.0...

Massive “V Shred” Data Breach Exposes More Than 99,000 Customers

“V Shred” has left an unprotected database online, exposing the sensitive details of 99,000 clients. The data that has leaked includes names,...

TrickBot Malware Has Updated Itself With Anti-Analysis Features

TrickBot is now checking what resolution it’s running on and stops if it’s an unusually low setting. The notorious trojan is checking for...

Top Selfie Beautification Apps Available in India Right Now

The ax of the Indian government has cut even the popular selfie beautification image apps “YouCan Makeup,” “Selfie City,” and “Meitu,” in the context...

Top 5 Alternatives for the “DU Battery Saver” That Was Banned in India

Due to the recent ban of 59 Chinese apps imposed by the Indian government, the “DU Battery Saver” has been blocked in the country....