US government-funded budget Android smartphones found to have pre-installed, unremovable malware

The malware is pretty dangerous as for any of its operations, it never asks users consent and executes everything in the background

Top 10 Cybersecurity events of 2019

Top 10 Cybersecurity events of 2019

The smartphone world is now riddled with spooky malware. Every day there is new malware surfacing on the internet with a new infection strategy to lure the users. And Android users are perhaps has become the soft targets of the malware authors.

Cyber Security solution company Malwarebytes has found a government-funded smartphone which comes pre-existed with dubious malware. The Android-driven budget smartphone is available at just $35 under the Lifetime Assistance Program of Assurance Wireless by Virgin Mobile.

GitHub attack

The United States government-funded smartphone named UMX U686CL comes infected with two malware, supposed to collect user data, develop auto-installers and create backdoors. No wonder, all these activities are supposed to help the cybercriminals snoop into the machine without the users' knowledge.

The malware

The UMX U686CL comes with a pre-installed malware disguised as an updater app called Wireless Update. Researchers found the app is capable of updating the smartphones operating system and can also auto-install any apps without users permission.

The malware, in reality, is a variant of Adups, which is used by a Chinese company to retrieve users data, download malware and create a backdoor in the device by its own. The malware is pretty dangerous as for any of its operations, it never asks users consent and executes everything in the background.

The UMX U686CL smartphone also comes pre-installed with a Trojan-Dropper Agent malware camouflaging as the smartphones setting app. As we know, settings app in any smartphone are supposed to configure various features of the smartphone and are unremovable. If you, by any chance, manage to uninstall the settings app, the smartphone literally becomes unusable.

The Trojan-Dropper installed in this smartphone comes with variable names written in Chinese, hints that it is being developed and spread by Chinese malware authors. Interestingly, UMX U686CL is not the only smartphone that comes pre-installed with malware. Many budget smartphones available in the market, nowadays come with various type of malware and spyware, and the tendency is increasing every day.

new android malware
Representative Image Reuters
Related topics : Cybersecurity