US government-funded phone comes with malware
Mobile malware is used to access private data on smartphones, tablets, and other mobile devices. Nathan Collier at Malwarebytes reports that they have found malware preinstalled on US government-funded phones. Malware is usually installed unknowingly by a person after they have been using their device, it can come from malicious emails, links, websites, and other sources but this malware comes with the device before you first touch it.
The phone that comes with malware is the UMX U683CL and the malware is not easy to notice. The app icon is hidden and the app runs in the background so you do not notice it. This malware is also unremovable so it is not possible to take it off of the phone. The malware gets an updated copy of itself through an app called “Wireless Update”.
Wireless Update also has legitimate capabilities as it updates the phone’s software, it also is malicious by downloading malware to the phone. If Wireless Update started off as a legitimate app, it is possible the app was compromised in a supply chain attack where the hackers infect a connection or vendor to deliver their malware to a legitimate app or service. ASUS live update and Dell Support Assist were two legitimate applications that were observed to deliver malware to devices in 2019.
Further analysis found the phone’s settings app to be infected and multiple strains of malware were present on the device. This mobile malware was detected with the Malwarebytes app, if you want to run a free and easy scan on your Android device install Malwarebytes from the Play Store and perform a scan in that app. This will tell you if Malwarebytes detects any malicious apps and will help you remove them in most cases.
Read more on Malwarebytes blog: https://blog.malwarebytes.com/android/2020/01/united-states-government-funded-phones-come-pre-installed-with-unremovable-malware/amp/
0 Comments