We review products independently, but we may earn affiliate commissions from buying links on this page. Terms of use. The FCC Lifeline program was established to offer more affordable communications to low-income consumers, but it's been discovered one of the subsidized smartphones offered through the program contains unremovable malware. As ZDNet reports, Assurance Wireless is part of the Virgin Mobile group and participates in the Lifeline program. The low-end Android smartphone offered by Assurance as part of the program is the Unimax (UMX) U686CL, and here's where the problem lies. Security vendor Malwarebytes discovered the handset ships with the Adups malware installed. Malwarebytes followed up on complaints in its support system regarding malicious apps on the phone. On further investigation, it found an app called Wireless Update which contained the Adups malware. Worse still is the fact you can't remove the malware from the phone. We've been hearing about Adups since 2016 when it was discovered on low-cost Android phones from Blu. The firmware-updating app/malware sent user data to China, and even Barnes & Noble fell fowl of Adups when it was found on the Nook 7. Adups is meant to offer an easy way for vendors to update phones over-the-air, but it can easily be used maliciously. Malwarebytes' investigation found apps were being installed on the UMX phone without user knowledge or consent. As Malwarebytes explains, "While the apps it installs are initially clean and free of malware, it's important to note that these apps are added to the device with zero notification or permission required from the user. This opens the potential for malware to unknowingly be installed in a future update to any of the apps added by Wireless Update at any time." If you use this UMX phone or know someone who does, keep reading because it gets worse. Adups isn't the only malicious component found on the device. Malwarebytes also discovered "suspicious code" in the phone's Settings app which looks to be setup to deliver adware called HiddenAds. When taken together you have a device capable of stealing user data without their knowledge while also serving them aggressive advertising. Assurance Wireless has confirmed it is aware of the issue and is talking to Unimax "to understand the root cause." However, the company doesn't believe "the applications described in the media are malware." And there in lies another problem: both Assurance and Unimax may have had no knowledge this software was present on the phone, meaning it got added at some point in the supply chain during manufacture. Android Phone for Low Income Americans Contains Malware
- Details
- pcmag.com RSS
- Hauptkategorie: IT News aus aller Welt
- Kategorie: Computer & Internet
We review products independently, but we may earn affiliate commissions from buying links on this page. Terms of use. The FCC Lifeline program was established to offer more affordable communications to low-income consumers, but it's been discovered one of the subsidized smartphones offered through the program contains unremovable malware. As ZDNet reports, Assurance Wireless is part of the Virgin Mobile group and participates in the Lifeline program. The low-end Android smartphone offered by Assurance as part of the program is the Unimax (UMX) U686CL, and here's where the problem lies. Security vendor Malwarebytes discovered the handset ships with the Adups malware installed. Malwarebytes followed up on complaints in its support system regarding malicious apps on the phone. On further investigation, it found an app called Wireless Update which contained the Adups malware. Worse still is the fact you can't remove the malware from the phone. We've been hearing about Adups since 2016 when it was discovered on low-cost Android phones from Blu. The firmware-updating app/malware sent user data to China, and even Barnes & Noble fell fowl of Adups when it was found on the Nook 7. Adups is meant to offer an easy way for vendors to update phones over-the-air, but it can easily be used maliciously. Malwarebytes' investigation found apps were being installed on the UMX phone without user knowledge or consent. As Malwarebytes explains, "While the apps it installs are initially clean and free of malware, it's important to note that these apps are added to the device with zero notification or permission required from the user. This opens the potential for malware to unknowingly be installed in a future update to any of the apps added by Wireless Update at any time." If you use this UMX phone or know someone who does, keep reading because it gets worse. Adups isn't the only malicious component found on the device. Malwarebytes also discovered "suspicious code" in the phone's Settings app which looks to be setup to deliver adware called HiddenAds. When taken together you have a device capable of stealing user data without their knowledge while also serving them aggressive advertising. Assurance Wireless has confirmed it is aware of the issue and is talking to Unimax "to understand the root cause." However, the company doesn't believe "the applications described in the media are malware." And there in lies another problem: both Assurance and Unimax may have had no knowledge this software was present on the phone, meaning it got added at some point in the supply chain during manufacture. - Zugriffe: 186