Android phones for low-income families are shipping with irremovable Chinese malware. (Photo by … [+]
2017 Getty Images
For years, low-income households have been able to get cheap cell service and even free smartphones via the U.S. government-funded Lifeline Assistance program. One provider, Assurance Wireless, offers a free Android device along with free data, texts and minutes.
It all sounds ideal for those who don’t have the money to splash on fancy Apple or Google phones. But, according to security researchers, there’s a catch: the Android phones come with pre-installed Chinese malware, which effectively opens up a backdoor onto the device and endangers their private data. One of the malware types is impossible to remove, according to the researchers.
Researchers at cybersecurity company MalwareBytes said that they’d tried to warn Assurance Wireless, a Virgin Mobile company, they’d received no response. So the devices likely remain vulnerable today. Forbes was also unable to get a response from the company. The FCC, which runs Lifeline Assurance, also hadn’t responded to requests for comment.
The affected device is a UMX phone shipped by Assurance Wireless and one of the pre-installed malware, according to MalwareBytes senior analyst Nathan Collier, is the creation of a Chinese entity known as Adups. Though the tool looks and operates as a Wireless Update program, it’s capable of auto-installing apps without any user consent, which it starts doing immediately, according to a MalwareBytes analysis of a device, shared with Forbes ahead of publication. Adups hadn’t responded to a request for comment at the time of publication.
“This opens the potential for malware to unknowingly be installed in a future update to any of the apps added by Wireless Update at any time,” Collier wrote in a blog post published Thursday.
Historically Adups tools have been caught siphoning off private data from phones, including the full-body of text messages, contact lists and call histories with full telephone numbers.
A second malware comes preloaded on the Assurance Wireless-supplied device – the phone’s own Settings app, Collier claimed. Though it operates like a typical Settings application, it proceeds to install malware known as HiddenAds, he added. Previous MalwareBytes research showed this malicious tool would throw up aggressive advertising on the infected phone. As the Settings app is vital to the functionality of the device, it can’t be removed without turning the phone into a useless brick.
Collier told Forbes he was confident every model of the device shipped by Assurance Wireless was infected with both malware types.
His research also highlights a growing problem of pre-installed malware on Android phones. “There appears to be a rise of budget phones in general coming with pre-installed malware,” Collier added. “The fact that the Trojan is tied into a system app that cannot be removed escalates this issue beyond fraud in my opinion.”
But the case in the U.S. has another element, in that it’s low-income folk who’ve been endangered. It all begs the question: is privacy only for the rich?