Affordable, Government-Subsidized Phone Comes with Pre-Installed Malware

Yikes…

Smartphones and their related phone plans can be expensive. That’s why many low-income Americans depend on the FCC’s Lifeline Assistance Program so they can access quality service at an affordable price.

According to WIRED, the program currently provides UMX U686CL Android phones tied to the Virgin Mobile Assurance Program.

Unfortunately, Malwarebytes reports that the phones contain a malware called HiddenAds, and removing the bad programs could make the phone unusable.

Photo Credit: Wikimedia Commons

The surprising thing to security and malware experts is that the malware comes pre-installed in the phone, meaning that customers are getting a defective product right off the bat – and the government is paying to provide it.

WIRED says the malware is capable of installing apps and adware without the user’s permission beforehand. This can subject the phone’s owner to a lot of unwanted ads and unseen data-collection.

One of the apps the device has been shown to download is called AdUps. In 2016, this app reportedly collected data from users without prior consent or warning. Malwarebytes comments that the app itself isn’t of much concern, but it’s still unacceptable that smartphone users are being subjected to data collection, downloads, and adware without their consent or knowledge.

Photo Credit: < ahref=”https://www.istockphoto.com/photo/red-pirate-skull-on-smart-phone-screen-gm1067920116-285623129″target=”_blank”>iStock

This isn’t the first time phones for low-income users have been found to carry malware. And the devices are such an important lifeline to low-income people in the digital age that it’s frankly shameful for the government to be providing a pre-infected product.

Share your thoughts (or outrage) in the comments section.

The post Affordable, Government-Subsidized Phone Comes with Pre-Installed Malware appeared first on UberFacts.

These Are the Android Apps Infected with New ‘Joker’ Malware That You Should Probably Delete

If you’ve used or are currently using any of the following Android apps, you’ll probably want to get busy erasing them AND you’ll want to check your credit card statement.

Here’s why.

A new malware called “Joker” has made its way into Android apps that ended up in the Google Play store. The malware silently signs users up for subscriptions that might go undetected by people unless they closely look at their monthly credit card statements.

Aleksejs Kuprins, writing at the cybersecurity company CSIS, described how the scam works:

“For example, in Denmark, Joker can silently sign the victim up for a 50 DKK/week service (roughly ~6,71 EUR). This strategy works by automating the necessary interaction with the premium offer’s webpage, entering the operator’s offer code, then waiting for a SMS message with a confirmation code and extracting it using regular expressions. Finally, the Joker submits the extracted code to the offer’s webpage, in order to authorize the premium subscription.”

Google has already removed the bad apps from the Google Play Store, but you should still do a double-check to see if you’ve downloaded or used any of them because they racked up more than 472,000 downloads before they were taken down.

Here’s a list of the infected Android apps (with links).

After you’ve done the deletions (if you needed to), be sure to check your credit card statements back to June of this year to make sure that you don’t have any suspicious charges for subscriptions you didn’t buy.

If you are one of the unlucky ones, the next step is to alert the people in your contact list: the “Joker” malware steals your entire contact list and uploads it to a command and control server, so it’s better to be safe than sorry.

The post These Are the Android Apps Infected with New ‘Joker’ Malware That You Should Probably Delete appeared first on UberFacts.