Home > Cyber News > Virus-Infected Android Phones Sold Through US-Subsidized Program

Virus-Infected Android Phones Sold Through US-Subsidized Program

Android phones that are being sold under an American Government Subsidized Program have been found to contain malware. The dangerous code is very difficult to detect and it is embedded deep into the Settings features of the operating system.

Low-Cost Android Phones That Are Sold Via a US Subsidized Program Contain Dangerous Virus Code: The Malware is Very Hard to Detect

Low-cost Android phones are usually bought by users from retailers, telecom operators or subsidized programs in some regions. Usually the last option allows only a certain type of users that are eligible to participial and buy a phone at an attractive price. However a recent security scan has found that low-cost Android phones sponsored by the Lifeline Assistance Program contain malware code. The virus-infected devices are sponsored by the U.S. FCC and the Assurance Wireless carrier which is operated by Virgin Mobile.

Related: [wplinkpreview url=”https://sensorstechforum.com/evilnum-hacking-group-tools/”] Evilnum Hacking Group Uses Tools Made By Cobalt, FIN6 and Others It

The virus code has been detected in the ANS Ul40 smart device. At the moment it is not known if this particular version is sold in the subsidized program, but a copy of the instructions manual has been found on one of the related sites. The security experts tracked down the malware to the Settings feature of the Android operating system. It is found in both this feature and also the Wireless Update which is integrated in the Settings section.

The type of malware that is found in the phone’s memory is a Trojan Horse Infections however as it is installed on a very deep level it is very difficult to remove. At the moment it is inactive which brings about two theories about its possible use:

  • Test Infection — The virus can be inserted merely in order to prove that a virus can be installed onto devices that are distributed by end users.
  • Inactive Use — The Android devices are not currently overseen by the hackers. This means that at any time the hackers can activate the built-in engines and use it for various purposes.

The Trojan operations which can be utilized by the hackers include not only to hijack the devices and take over control of the phones, as well steal user and system files. The ANS UL40 phones which contain the virus code does not come with a SIM card preinstalled which is another reason for the malware to be inactive as an active data connection is required to send out network communication to and from the hacker-controlled servers.

At the moment it is not known which hacking group is responsible for the insertion of the malware code. The point of intrusion is also unknown – whether or not this comes from the manufacturers, the stores or another party involved in the production or distribution process.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree