Published: Sun, January 12, 2020
Electronics | By Kelly Massey

Assurance Wireless’s government-subsidised UMX U683CL smartphone comes with pre-installed malware

Assurance Wireless’s government-subsidised UMX U683CL smartphone comes with pre-installed malware

Even those phones are not completely reliable. Some little-known phones have shown up with pre-installed malware thanks to unscrupulous suppliers or manufacturers. Such a device has appeared in the United States and is being promoted as part of a government program.

Malwarebytes warns that many other budget smartphones could come with similar pre-loaded malware that can't be removed. It runs Android 8.1 Go Edition with 1GB of RAM, 8GB of storage, and a removable 2,000mAh battery.

The UMX U683CL, being sold by Virgin Mobile's Assurance Wireless program for only $35 (due to the Lifeline Assistance program) comes pre-loaded with two trojans, one of which cannot be removed.

Some Android phones that are sold to low-income people who participate in the federally subsidized Lifeline program come laden with two types of potential malware, according to a new report by security company Malwarebytes.

"While the apps it installs are initially clean and free of malware, it's important to note that these apps are added to the device with zero notification or permission required from the user", wrote Nathan Collier, MalwareBytes senior analyst. You may remember Adups from the exclusive Amazon Blu R1 HD, a phone that made waves for its ultra-low price of $ 50.

Bill Cowher elected to Pro Football Hall of Fame's centennial class
Bill Cowher may not have ever bought that house in Strongsville, but he'll have a permanent home not far from there in Canton. The centennial class, when revealed, will include 10 seniors, three contributors and two coaches - one of whom is Cowher.


"That there's a mobile device available for purchase through a USA government-funded programme raises the bar on bad behaviour by app-development companies", said Malwarebytes security consultant Nathan Collier in a blogpost.

The company said it purchased a UMX U686CL smartphone and analyzed it to confirm the reports it was receiving. The Unimax UMX U686CL did not appear on the Assurance Wireless website as of Friday morning, but a model called the Unimax UMX U683CL is still available.

Adups has the ability to remotely install applications on the phone without user interaction. That alone makes it risky, though not explicitly malware. Unlike Wireless Updater, the Settings app can not be removed since it would make the phone useless.

Android/Trojan.Dropper is a malicious app that contains additional malicious app (s) within its payload. Adups isn't the only malicious component found on the device. As the name implies, it exists to harass users with pop-up ads that earn money for the operators. Users can delete this app if they know enough - Malwarebytes has instructions. However, there's nothing to stop it from reappearing because the Adups software remains active. We will also be attempting to contact Assurance Wireless ourselves, and we'll update this article if we receive a reply (though it's a bit unlikely). It says it is in communication with Unimax to understand the cause of the problem.

"However, after our initial testing we do not believe the applications described in the media are malware".

Like this: