Cheap cell services and free smartphones through the Lifeline Assistance program might sound great, but what if the devices come with pre-installed viruses and malware?
Not One, But Two
Assurance Wireless, a Virgin Mobile company, and one of the providers for the government-funded Lifeline Assistance program that distributes phones and cheap services for low-income households, has been found to have their phones packaged with some Chinese malware as an unwanted added bonus.
Researchers at MalwareBytes who discovered the issue said they previously tried to warn the company, but had received no response. Later on, a spokesperson for Sprint, which owns both Virgin Mobile and Assurance Wireless said that they’ve acknowledged the issue and are “in touch with the device manufacturer Unimax to understand the root cause.”
MalwareBytes senior analyst Nathan Collier described the issue, saying that the phone comes with preinstalled malware, masked as a Wireless Update program. Historically known as Adups, the malware siphons private data off the devices, such as text messages, contacts and call histories, as well as auto-installing apps without the user’s approval. An analysis of the company further showed that it starts installing apps immediately.
The problem is, the devices don’t come with just one type of malware, you get a bonus one for free! Collier explained that the second virus is in the phone’s own Settings app, and despite it functioning like any other Settings app would, it installs malware known as HiddenAds, which has only one goal – to advertise aggressively whether you like it or not. The biggest problem is, the Settings app can’t be removed, unless you want your phone to become a brick.
“There appears to be a rise of budget phones in general coming with pre-installed malware. The fact that the Trojan is tied into a system app that cannot be removed escalates this issue beyond fraud in my opinion,” Collier told Forbes, adding that he was fairly confident that every single model, shipped out by Assurance Wireless, comes with both malware types.