Skip to main content

Chinese malware found on U.S. government-subsidized phones

Cybersecurity firm, Malwarebytes says it has found pre-installed Chinese malware on some U.S. government-subsidized phones. The phones are offered to low-income families at significant discounts under the FCC’s Lifeline Assistance program that was first introduced three decades ago.

In particular, Malwarebytes has investigated an Android-based model dubbed the UMX U686CL that is being sold by Assurance Wireless, a subsidiary of Virgin Mobile. The phone is manufactured by a China-based company and is priced at $35 which also includes free calls, texts, and data.

The report claims the UMX U686CL came infested with two malware apps. One called Wireless Update was armed with unrestricted privileges and capable of installing apps in the background without any user consent. Being a system-level app, Malwarebytes says it is not possible to uninstall Wireless Update as it could adversely affect the rest of the phone’s functions.

Further, Malwarebytes discovered that Wireless Update was programmed under the same name as Adups, a Chinese company that has been caught in the past “collecting user data, creating backdoors for mobile devices and developing auto-installers.”

Adups was responsible for the massive 2016 Android breach which impacted over 700 million phones and prompted probes from Google as well as the Department of Homeland Security.

The second malware was deeply integrated within the Settings app which means removing it could render the entire phone inoperative. It housed a trojan called Hidden Ads that is configured to display ads even when you’re in other apps. Hidden Ads’ source code was riddled with encrypted Chinese characters, because of which Malwarebytes says it couldn’t pinpoint its exact purpose.

“As I have highlighted in this blog and blogs past, pre-installed malware continues to be a scourge for users of mobile devices. But now that there’s a mobile device available for purchase through a U.S. government-funded program, this henceforth raises (or lowers, however you view it) the bar on bad behavior by app development companies,” said Nathan Collier, Senior Malware Intelligence Analyst at Malwarebytes in a blog post.

Sprint has denied the allegations and in an email response, told Digital Trends that the company is “aware of this issue and in touch with the device manufacturer Unimax to understand the root cause, however, after our initial testing we do not believe the applications described in the media are malware.”

FCC has declined to comment directly on the report and in a statement sent to Digital Trends over email added that “the FCC is not the “provider” of the service. Through the Lifeline program, the FCC funds voice and broadband service to qualifying Lifeline consumers but we do not provide the service ourselves. Lifeline funds do not support the cost of the handset or any other end-user device.”

Editors' Recommendations

Shubham Agarwal
Shubham Agarwal is a freelance technology journalist from Ahmedabad, India. His work has previously appeared in Firstpost…
Asus’ latest Android phone could be a big threat to the Galaxy S23 Ultra
Holding the Asus Zenfone 9 to show how it's able to be used one-handed.

After plenty of speculation and waiting, Asus is finally ready to launch its next flagship smartphone, the Zenfone 10, at the end of this month. First announced late last night on the Asus Taiwan Instagram account, the Zenfone 10 will be officially revealed in full and launch on June 29.

Asus tends to make pretty solid devices despite not being quite as popular as the smartphone giants like Samsung, Google, and Apple. But the Zenfone 10 looks like it's shaping up to be one of the best Android phones on the market. Based on a handful of videos posted on the Asus website on a page devoted to the Zenfone 10 launch event, the phone's specs make it seem like it might be able to go toe-to-toe with the likes of the Samsung Galaxy S23 Ultra with one key difference: its size.

Read more
I put the iPhone’s Dynamic Island on my Pixel 7 Pro — and I can’t go back
The expanded DynamicSpot Dynamic Island at the top of the Pixel 7 Pro.

The Apple iPhone 14 Pro got a big refresh last year, and key to that was a new selfie camera design with a pill-shaped cutout. Only, this is no normal hole -- it's the home of a new feature, the oddly-named "Dynamic Island." It's a notification bubble that lives behind the selfie camera that displays information like music tracks, timers, and anything else you need to know, but don't need a full screen for. If you're playing music on Spotify, it'll display the track name and controls. If someone calls you, it'll show the person's contact information. Waiting for an Uber? It'll show you how far away it is. It's even tied into the Face ID unlock process. It's a great use of the selfie camera — and one with a bright future.

At least, that's what we thought. The Dynamic Island has had a tough start, as app support was extremely limited, meaning it didn't live up to Apple's promises. This persisted for a number of months before the Dynamic Island finally got what it needed to live up to its hype.

Read more
TikTok faces outright ban in first U.S. state
TikTok icon illustration.

TikTok received more bad news on Wednesday after Montana Governor Greg Gianforte (R) signed into law a bill banning the popular app from January 1, 2024.

While more than half of U.S. states have already issued TikTok bans on government-issued devices, Montana’s action against the Chinese-owned app is significant as it’s the first state to impose a total ban on the app.

Read more