Can you imagine living with your Android smartphone that has an “unremovable malware”?
That is the case with the Android phones subsidized by the US government for low-income users. According to researchers, these handsets come preinstalled with malware that unfortunately can’t be removed.
The result? Unremovable malware makes the device cease to work. How frustrating is that?
Want to know more about this “unremovable malware”? Let us also dig into what model and brand of Android smartphones are affected, shall we?
US Government-funded Android smartphones come with preinstalled “unremovable malware”
Nobody wants to deal with malware in their devices, right? Let alone an “unremovable” one. Once we find out that malware is living amongst our apps, we would then do everything to rid our device of it.
But how exactly are we going to remove an “unremovable malware”? Let us see first what kind of malware we are dealing with.
The said unremovable malware was found preinstalled to low-end smartphones to low-income American users through a government-subsidized program. In a report by a security firm Malware bytes, the smartphone model is a Unimax (UMX) U686CL, a low-end Android-based smartphone made in China. These smartphones are sold through Virgin Mobile’s Assurance Wireless program.
For those who don’t know yet, Assurance Wireless is an offshoot of the Lifeline Assistance program. This is brought by a Federal Communications Commissions plan that makes free or government-subsidized phone service available to millions of low-income Americans.
And did you know that often, this program is referred to as the Obama Phone because it expanded in the year 2008, also the year when President Barack Obama took office. UMX U686CL runs Android and is available to qualifying users for $35.
How dangerous is this unremovable malware?
The folks at Malwarebytes said that the device comes with some unpleasant surprises. Meanwhile, representatives of Sprint, the owner of Virgin Mobile said it did not believe that the apps were malicious.
First, there is a heavily unclear malware that installs adware and other unwanted apps without the knowledge and permission of the user. The Android/Trojan.Dropper.Agent.UMX contains obvious similarities to two other trojan droppers.
One, it uses the same text strings as well as an almost identical code. Another, it contains an encoded string that, when decoded, has a hidden library named com.android.google.bridge.Liblmp.
Once the library is loaded into memory, it will then install software which is called Android/Trojan.HiddenAds. Now, this is the part where the malware starts to wreak havoc on the device. The malware then aggressively display ads.
And what’s the catch?
The malware that is responsible for these programs is hidden in the phone’s Settings app. That just makes it impossible to uninstall because the phone can’t really operate without it. “Uninstall the Settings app, and you just made yourself a pricey paperweight,” said Malwarebytes researcher.
The second nasty surprise is called Wireless Update. It provides a mechanism for downloading and installing phone updates. But along with is the loading of unwanted apps without the user’s permission. The app is a variant of Adups, from a China-based company with the same name. And in 2016, researchers caught Adups secretly collected data from users on thousands of low-cost phones from BLU.
“Unremovable malware” usually found on low-cost smartphones
This type of malware is what is usually found in online discussions and how users find it very frustrating that their devices are displaying ads and apps automatically without their authorization. But having this malware and not being able to do anything because it is “unremovable” is an added burden.
Through the years, preinstalled malware has been found on low-cost Android handsets coming from a variety of providers as well as manufacturers. And it seems like a compromised safety and security is what people usually pay for these low-cost smartphones.