Phones from US government came packed with Chinese malware

Phone malware
(Image credit: Shutterstock)

Smartphones provided to low-income families through a US government scheme come preloaded with Chinese malware according to new research from Malwarebytes.

The security firm received several complaints from users that the pre-installed apps on their phones were malicious, so Malwarebytes purchased the Android-based phone in question, the UMX U686CL, and was able to verify these claims. The smartphone is sold by Assurance Wireless which is owned by Virgin Mobile USA.

Upon further investigation, Malwarebytes found that one of the pre-installed apps, which appears and operates as a wireless update program, has the ability to automatically install more apps without user content.

The app appears to be a variant of a malware previously traced to China called Adups which sends text, call-location and app data back to a Chinese server every 72 hours. Back in 2016, Kryptowire discovered that over 700m Android smartphones had Adups installed and a report by the company's Ryan Johnson ended up leading to investigations from both Google and the Department of Homeland Security.

Pre-installed malicious apps

In addition to a variant of Adups, Malwarebytes also found a second malicious app on the UMX U686CL that contained code written in Chinese characters. 

Unfortunately for users that acquired one of these smartphones through the Lifeline Assistance program which has offered phones to low-income Americans since 1985, neither of the malicious apps can be removed from the device.

In a blog post, senior intelligence analyst at Malwarebytes, Nathan Collier explained that other budget Android phones could also be at risk from pre-installed malware, saying:

“It’s important to realize that UMX isn’t alone. There are many reports of budget manufactures coming pre-installed with malware, and these reports are increasing in number. Although I don’t have the answer to this widespread issue, I can say that US citizens using the Lifeline Assistance Program and many others on a tight budget deserve more.”

Via The BBC

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.