Virgin’s subsidized smartphones come with unremovable Chinese malware

The Unimax U686CL is a cheap Android phone distributed in the USA by Virgin subsidiary Assurance Wireless as part of its federally subsidized Lifeline program, which is available to low-income Americans.

Malwarebytes analyzed the firmware in Virgin’s U686CL handsets and found two notorious pieces of undeletable Chinese malware that run on the devices as soon as they’re switched on, with no user intervention.

The two pieces of malware are Adups, which runs firmware-over-the-air updates with no user intervention, including apps that run inside the Android OS; and an unnamed Chinese “dropper” app that installs malware such as Hiddenads.

While users could disable and uninstall the Wireless Update app, this would result in the phone missing out critical security updates for its firmware components — which effectively makes the app unremovable, at least if you want to keep your device up to date.

On the other hand, the Settings app is unremovable in the real meaning of the word, as there is no way to remove the app, and even if you did, you wouldn’t be able to manage your phone afterward.

Unremovable malware found preinstalled on low-end smartphone sold in the US [Catalin Cimpanu/Zero Day]

(via /.)