Accidentally installing malware on any device can cause headaches. Unfortunately, one phone manufacturer has decided to make the malware infection process much simpler. They just include the malware at the factory. Be sure to read to the end to find out how you should handle mobile devices on your organization’s wireless network.
Free Malware Included
Late last year, Malwarebytes received multiple reports about malware on some Android devices. Reports revolved around apps containing malware. Malwarebytes decided to purchase one of the phones and investigate further.
They discovered an app posing as an updater called Wireless Update. Not only can it update the phone, but it’s also the only way to update the OS. The Wireless Update app is a variant of the Adups malware.
Adups was created to collect user data, auto-install apps, and create backdoors into devices. The Wireless Update variant does the same. As soon as you log in, it begins installing other apps. No permission is required, and no notifications are displayed.
Uninstalling the app means you won’t receive updates anymore. However, you also won’t receive malware via the app either. It’s a good tradeoff.
But Wait, There’s More… Malware
Sadly, the same device includes another app containing malware. The Settings app includes what’s known as a trojan dropper. It can also install (or drop) apps onto the phone. Typically, the app installs other malicious apps. Unfortunately, the Settings app is the only way to adjust device settings. You can’t remove the app unless you need a new paperweight.
All Roads Lead to
This particular story revolves around the UMX U683CL. Malwarebytes purchased and tested this phone. A Chinese company, Unimax, produces this phone. Adups and the trojan dropper also originate from China. This all may be a coincidence. Unimax may have no idea that the apps are infected.
This particular phone is sold by Assurance Wireless through the Lifeline program to low-income Americans. They didn’t respond to Malwarebytes when notified about the problem. They’ve since told ZDNet that they’ve contacted Unimax, but they don’t believe the apps to be malware.
Don’t Trust Mobile Devices
There is a safe way to handle mobile devices on your network: don’t trust them. Keep all mobile devices on guest WiFi. Guest WiFi should isolate connected devices from the rest of your network. Even if an infected device connects, it won’t be able to do any damage to the rest of your environment.
Looking for More Tips?
Blog posts with various IT tips and news are released every Friday. We publish new episodes of Tech Tip Tuesday as often as we can. You can view previous episodes in our Tech Tip Tuesday library. Click the Sign Up or Subscribe button on this page to subscribe and receive every tip directly in your inbox each week. Pit Crew IT Services can also help your organization with any IT needs you might have. Get started with a free consultation using the button below.