Skip to main content

US Government-funded Android phones come preinstalled with unremovable malware

posted onJanuary 10, 2020
by l33tdawg
Arstechnica
Credit: Arstechnica

An Android phone subsidized by the US government for low-income users comes preinstalled with malware that can't be removed without making the device cease to work, researchers reported on Thursday.

The UMX U686CL is provided by Virgin Mobile's Assurance Wireless program. Assurance Wireless is an offshoot of the Lifeline Assistance program, a Federal Communications Commissions plan that makes free or government-subsidized phones service available to millions of low-income families. The program is often referred to as the Obama Phone because it expanded in 2008, when President Barack Obama took office. The UMX U686CL runs Android and is available for $35 to qualifying users.

Researchers at Malwarebytes said on Thursday that the device comes with some nasty surprises. Representatives of Sprint, the owner of Virgin Mobile, meanwhile said it didn't believe the apps were malicious. The first is heavily obfuscated malware that can install adware and other unwanted apps without the knowledge or permission of the user. Android/Trojan.Dropper.Agent.UMX contains striking similarities to two other trojan droppers. For one, it uses identical text strings and almost identical code. And for another, it contains an encoded string that, when decoded, contains a hidden library named com.android.google.bridge.Liblmp.

Source

Tags

Security Privacy Viruses & Malware

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th