US Government-funded phones found pre-installed with Chinese malware

Nathan Collier, a senior malware intelligence analyst at Malwarebytes published a blog detailing the firm’s findings on US government-funded smartphones

Malware is perhaps the most common way for hackers to compromise devices, leading to untold repercussions. They could be benign, simply triggering popup ads, but more often than not they’re a lot more sinister, harvesting your data, tracking your location, or invading your personal privacy. Malwarebytes has announced a startling discovery – they found US government-funded smartphones carrying pre-installed malicious applications.

The device itself is offered by a US-funded carrier that offers cellphones through the Lifeline Assistance Program, an FCC (Federal Communications Commission) backed initiative which lowers the monthly cost of smartphones and internet through government subsidies, making them affordable for low-income consumers.

In the blog, Collier reports on two malicious applications which, worryingly, come pre-installed on the UMX U686CL, a low-cost Android smartphone.

Malicious, pre-installed and unremovable

The first malicious application found by the American internet security firm acts under the guise of an operating system updater, named Wireless Update. It is the only way that the smartphone’s device can be updated and was found to be able to auto-install apps without user consent.

Collier said that Malwarebytes for Android customers would be acutely aware of the Wireless Update app. The previous iteration, developed by Chinese firm Adups, was last year caught transmitting location, SMS, call and app data to a server in China. The company is behind other auto-installer apps, spyware and malicious software, discovered on a range of Android devices from over 40 manufacturers.


READ MORE: Addressing the IoT Security Challenge


“From the moment you log into the mobile device, Wireless Update starts auto-installing apps,” Nathan Collier said. “There is no user consent collected to do so, no buttons to click to accept the installs, it just installs apps on its own.”

Collier points out that this updater opens the potential for surreptitious installations of malware in future updates, effectively leaving a backdoor open to the user’s device and, as a result, their personal and private data.

The second malicious application found on the UMX U686CL was the operating system’s very own Settings app, which “functions as a heavily-obfuscated malware”. The removal of the Settings app would leave the device effectively unusable. 

The UMX U686CL, manufactured in China, was found to carry two pre-installed malicious apps / Credit: Malwarebytes

Over the Great Firewall and into your pocket?

In the blog, Malwarebytes conclude that the malware is of Chinese origin, also noting that the device itself is manufactured by a company in China. They do stress, however, that this could merely be a coincidence, and that they could not confirm whether or not the device manufacturer is aware of the pre-installed malicious applications. 

AV-TEST, an independent IT security institute, examine and classify the growing number of malicious programs. Since 2011, the number of malicious programs has risen dramatically from 65 million to over 1 billion, a sizeable chunk of which is thought to have originated behind the Great Firewall.

As malicious software proliferates, reported findings from companies like Malwarebytes become more important, and solutions to catch and remove any unwanted applications or programs become necessary and valuable tools to ensure the safeguarding of one’s personal data. The affordability of such programs is also key to ensure the adoption of privacy measures, a sentiment echoed by Malwarebytes.

“Budget should not dictate whether a user can remain safe on his or her mobile device,” Nathan Collier said. “Shell out thousands for an iPhone, and escape pre-installed maliciousness. But use government-assisted funding to purchase a device and pay the price in the malware? That’s not the type of malware-free existence we envision at Malwarebytes.”


Malwarebytes made their findings clear to Assurance Wireless, one of the Lifeline Assistance Program’s cellphone service providers and asked for comment. They have not yet received a response.

Luke Conrad

Technology & Marketing Enthusiast

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...