We informed Assurance Wireless of our findings and asked them point blank why a US-funded mobile carrier is selling a mobile device infected with pre-installed malware? After giving them adequate time to respond, we unfortunately never heard back. We purchased a UMX U683CL to better assist our customers and verify their claims. In October 2019, we saw several complaints in our support system from users with a government-issued phone reporting that some of its pre-installed apps were malicious. However, what it comes installed with is appalling. At only $35 under the government-funded program, it’s an attractive offering. Assurance Wireless by Virgin Mobile offers the UMX U683CL phone as their most budget conscious option. Of course, Malwarebytes for Android takes care of this as well. A notification box that changes its title name is highlighted below in red. Evidence of its running in the background can be seen in the mobile device’s notifications. It runs silently in the background and does not create an app icon. This variant has been observed in the wild since spring 2019. The main goal of our post was to inform and protect users: both those who are Malwarebytes customers and those who are not. More importantly, we brought this issue to the press in order to invoke a resolution when there was no other option available to UMX customers. Therefore, although we're glad Unimax took action so that our users and theirs could safely use their devices, we are disappointed that it took such public action to find a resolution in the first place.Īt time of original publication, we were not yet able to replicate the malware Android./Trojan.HiddenAds being dropped on our test device, though multiple users had reported that a variant of HiddenAds suddenly installed on their UMX mobile phone.Īs of today, we are now able to report that our UMX U683CL test phone has become infected with a variant of HiddenAds we detect as Android/. How convenient that they happened to find “vulnerabilities” in the pre-installed Settings app that happened to be dropping malware. We stand by our original assertion that the app itself was malicious due its Trojan dropper capabilities-the dropping of the HiddenAds Trojan on the UMX device is indisputable. To Unimax Communications' knowledge, no customer data has been compromised. Because of this, Unimax Communications has updated software to correct the potential vulnerability. In reviewing these applications, however, Unimax Communications has determined that there may be a potential vulnerability in the Settings App library. We'd like to thank UMX (Unimax) Communications for resolving this issue, despite the fact they still refuse to take ownership. Back in January, UMX gave a public statement:Īfter investigating this issue, Unimax Communications has determined that the applications described in the posting are not malware.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |