Home » Consumer News »Public Policy & Gov't »Virgin Mobile »Wireless Broadband » Currently Reading:

Cheap $39 Smartphone Sold By a U.S. Subsidized Lifeline Provider is a Malware Nightmare

Phillip Dampier January 13, 2020 Consumer News, Public Policy & Gov't, Virgin Mobile, Wireless Broadband No Comments

The Unimax U683CL

An inexpensive $39 Chinese-made smartphone offered by a U.S. government-subsidized Lifeline mobile phone service provider is wide open to malware and trojan horse apps, leaving users exposed to privacy violations, adware, and auto-installed backdoor apps that might expose some to fraud.

Malwarebytes Labs, an online security company, issued a serious warning to the public about the Unimax U683CL smartphone’s compromised-from-the-box status, and criticized provider Assurance Wireless for selling the phone and ignoring repeated warnings sent to the company about the phone.

“Assurance Wireless by Virgin Mobile offers the UMX U683CL phone as their most budget conscious option. At only $35 [$39 as of Jan. 13, 2020] under the government-funded program, it’s an attractive offering,” Nathan Collier, a senior malware intelligence analyst at Malwarebytes Labs writes in a company blog. “However, what it comes installed with is appalling.”

Malwarebytes began getting complaints about the phone last fall, and secured one to investigate further. It quickly emerged the phone arrived with questionable software pre-installed:

The first questionable app found on the UMX U683CL poses as an updater named Wireless Update. Yes, it is capable of updating the mobile device. In fact, it’s the only way to update the mobile device’s operating system (OS). Conversely, it is also capable of auto-installing apps without user consent.

Thus, we detect this app as Android/PUP.Riskware.Autoins.Fota.fbcvd, a detection name that should sound familiar to Malwarebytes for Android customers. That’s because the app is actually a variant of Adups, a China-based company caught collecting user data, creating backdoors for mobile devices and, yes, developing auto-installers.

From the moment you log into the mobile device, Wireless Update starts auto-installing apps. To repeat: There is no user consent collected to do so, no buttons to click to accept the installs, it just installs apps on its own. While the apps it installs are initially clean and free of malware, it’s important to note that these apps are added to the device with zero notification or permission required from the user. This opens the potential for malware to unknowingly be installed in a future update to any of the apps added by Wireless Update at any time.

The second piece of unremovable malware is the UMX’s own “Settings” app, crucial to operating the phone. Researchers called this “heavily-obfuscated malware” that is detected as Android/Trojan.Dropper.Agent.UMX. This app quietly downloads and installs apps without the user’s permission, most recently including a variant of HiddenAds, which forces users to endure frequent advertising screens on their phone, even when not web browsing.

The malware activates the moment a user powers on their phone for the first time. Most customers will simply be annoyed if ad-related apps automatically install, but with a security-compromised phone opening the door to more malware in the future, this “lowers the bar on bad behavior by app development companies,” according to Collier.

“Budget should not dictate whether a user can remain safe on his or her mobile device. Shell out thousands for an iPhone, and escape pre-installed maliciousness. But use government-assisted funding to purchase a device and pay the price in malware? That’s not the type of malware-free existence we envision at Malwarebytes,” Collier said.

“We informed Assurance Wireless of our findings and asked them point blank why a U.S.-funded mobile carrier is selling a mobile device infected with pre-installed malware? After giving them adequate time to respond, we unfortunately never heard back,” Collier added.

Leave a Reply

avatar

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
Notify of

Search This Site:

Contributions:

Recent Comments:

  • Jason vindas: I hope they closed i try to work with them and they like to hired lazies.fat asses close the doors please...
  • ROBERT THOMAS: I know I'm a little late to the party but I just called the number above. I'm a combined Att/DirecTV customer and they still helped me. Got my extra p...
  • Cindy: I live in Pennsville in Salem County and I guess we don't have a high enough population to get Verizon FiOS. Although like you I also heard that there...
  • Alan Rodin: I have contacted the Simmons Hanly Conroy law firm. They are one of the top class action law firm in the U.S. If you would like to join a class action...
  • Natasha Massey: This happened to us! I called to cancel our service because we’d be moving in one week to a new state. The rep we spoke to over the phone said we ...
  • Mike: Maybe your Line filters are bad. Any phone plugged into a jack will require line filter. Just a suggestion....
  • Vanessa Tomblin: Copper is so obsolete but you can’t explain to some ppl they need to complain to the fcc to get things done!...
  • Kay Tomblin: Exactly they have given stimulus money several times w The buying of frontier from Verizon and now grants which they if used on customers at all are ...
  • Bill Denham: Their service is a joke. It's out more then it's in. The price is not worth it. Total crap service....
  • Deborah: I bought my system once it was under Spectrum . I am pissed . I’m sure there will be a law suit . They can add me to there list . I chose though to g...
  • James R Curry: Steve Burke really creating some buzz for the service there, talking about "Shareholder value" by the third sentence. My hand involuntarily reached f...
  • Person: You don't need to use their equipment. Toss it in the closet and lock it away. That's what I do....

Your Account: