Sprint Sold Phone With Chinese Malware, Cybersecurity Firm Claims

Ruben Fields
January 12, 2020

Smartphones provided to low-income families through a United States government scheme come preloaded with Chinese malware according to new research from Malwarebytes.

Researchers at Malwarebytes analyzed a cheap Android phone distributed in the US by Virgin subsidiary Assurance Wireless, Unimax U686CL. Adups is a firmware OTA update service, but it also has extensive access to the device. Adups is a Chinese company that has previously been caught collecting data, creating backdoors and developing auto-installers. In fact, it's the only way to update the mobile device's operating system (OS).

The phone's own Settings app, too, functions as a cleverly disguised piece of malware that can not be removed or else the devices becomes entirely unusable.

Malwarebytes has reached out to Assurance Wireless for an explanation on this matter, but the antivirus company received no response.

"We think it's worth the tradeoff and suggest doing so", the company says. "In general, without the malware, this device is a good option for anyone on a budget".

According to Malwarebytes, the Unimax U686CL comes with our old friend Adups pre-installed. Some little-known phones can be seen with pre-installed malware thanks to unscrupulous suppliers or manufacturers.

Researchers at Malwarebytes say they obtained the U686CL to investigate numerous complaints in its support system from users claiming some of the preinstalled apps were malicious. "This opens the potential for malware to unknowingly be installed in a future update to any of the apps added by Wireless Update at any time". While the app installs are initially malware-free, the apps are added with no notifications or attempts to seek user consent.

Rafael Nadal's Spain Face Novak Djokovic's Serbia For Inaugural Title
He came out with guns blazing, winning the first set before the Serbian steamrolled him in the second. He converted it, then went on to take the set as the momentum shifted in the Spanish star's favor.

For starters, Malwarebytes said it found that one of the phone's components, an app named Wireless Update, contained the Adups malware.

The second unremovable malware package found on the UMX U686CL phone is allegedly baked into its Settings app.

X shares characteristics with two other variants of known mobile Trojan droppers.

The Settings app contains a string within its code that, when decoded, revealed a hidden library file.

Collier added there's now no way to uninstall pre-installed apps on devices like the UMX, and doing so, in any case, would lead to dire consequences for usability.

You can check out the full report from Malwarebytes liked above, where they break down the code from the Settings app and Wireless Updater, explaining why they're malicious apps. There shouldn't even need to be a choice between not having malware, or having a usable phone. The smartphone model is Unimax (UMX) U686CL, a low-finish Android-primarily based smartphone made in China and offered by Assurance Wireless, a mobile phone service supplier a part of the Virgin Cell group.

Other reports by

Discuss This Article