Share:

Share via email - Check your phone! This one comes pre-loaded with malware Share on Facebook - Check your phone! This one comes pre-loaded with malware Share on LinkedIn - Check your phone! This one comes pre-loaded with malware Share on X - Check your phone! This one comes pre-loaded with malware

Check your phone! This one comes pre-loaded with malware

Check your phone! This one comes pre-loaded with malware
© Mykhailo Polenok | Dreamstime.com

We’re always warning you about apps that could infect your device with malware. If you download a malicious app, it could cause tons of problems.

This is why we highly recommend staying away from third-party app stores and only downloading apps from official sites. Unfortunately, now that’s not even 100% guaranteed to be safe. Tap or click here to see if you’ve downloaded any of these malicious apps found on Google Play Store.

You’d think taking precautions and staying away from potentially malicious apps would be enough to stay safe, but not anymore! There are actually phones on the market with preinstalled malicious apps. Even worse, removing it could break your phone.

There’s a new monster in town

Earlier this year we warned you about an Android phone that comes preinstalled with apps that are infected with malware. What made this even scarier is the fact that removing the malicious apps would pretty much brick your phone.

Now, another device with a similar issue has been discovered. According to Malwarebytes, if you have an ANS (American Network Solutions) UL40 running Android OS 7.1.1, you’re in trouble.

That’s because this device comes preinstalled with a malicious Settings app and Wireless Update app. As you know, you need the Settings app to control pretty much everything on the device so deleting it would render it unusable.

Security researchers discovered the ANS UL40 Settings app is infected with the Android/Trojan.Downloader.Wotby.SEK. This allows the device to download apps from third-party app stores without you knowing. That’s a huge breach of trust and could lead to numerous problems like ransomware or another version of malware.

As for the Wireless Update app, it too has the potential to install apps without you knowing about it. Researchers with Malwarebytes were able to verify that the Wireless Update app was secretly installing apps that were actually adware.

That means your phone is running ads in the background, lining cybercriminal’s pockets with money and potentially slowing the operation of your phone down and hurting its functionality.

Deleting this app could brick your device

Researchers at Malwarebytes warned Android users in January of this year about a phone that comes with a couple of shady apps already installed. The phone in question is the UMX U683CL. It runs the Android operating system (OS) and is a government-subsidized device for lower-income users.

Here’s what’s happening: There are two apps that are preinstalled on the UMX U683CL causing problems. One is called “Wireless Update” and it’s used to update the device’s OS. The problem is it also has the capability to auto-install other apps without the user’s consent.

Malwarebytes said the app is a variant of Adups, a China-based company that has been caught collecting user data, creating backdoors for mobile devices and developing auto-installers.

Once someone logs into the UMX device after unboxing it, the Wireless Update app starts auto-installing other apps. It doesn’t even ask the user for permission, which means there is no chance to decline to install an app or refuse to agree with its terms and conditions.

Any app installed by Wireless Update has the potential to infect the device with malware in future updates. The good news is Wireless Update can be uninstalled. The bad news is once you uninstall it, the phone will no longer receive updates to the OS.

But wait, there’s more

As if an updater app going rogue and installing apps that could infect your gadget with malware wasn’t bad enough, there’s another nefarious app preinstalled on the UMX device.

This one is the Settings app and it is described as “heavily-obfuscated malware” detected as “Android/Trojan.Dropper.Agent.UMX.” Malwarebytes said it’s basically malware disguised as a harmless Settings app, but it’s not harmless at all.

Making matters worse is the fact that you can’t uninstall the Settings app. If you try to uninstall it, your phone becomes unusable. That’s because the Settings app is the dashboard used to make changes to the device’s settings.

It’s best to just avoid these phones altogether. Obviously, you don’t want to purchase a device that comes with malicious apps preinstalled. So before you purchase your next phone, do a little research to make sure it’s up to snuff.

Tags: adware, Android, Apple, Apple iPhone, Google Play Store, malicious apps, malware, Malwarebytes, ransomware, security, Settings app, updates