A New Reason to Not Buy These Cheap Android Devices: Complimentary Malware May 24, 2018 https://gizmodo.com/a-new-reason-to-not-buy-these-cheap-android-devices-co-1826289219
The article says there is a fix. All I could find is: "....Avast Mobile Security can detect and uninstall the payload, but it cannot acquire the permissions required to disable the dropper, so Google Play Protect has to do the heavy lifting. If your device is infected, it should automatically disable both the dropper and the payload. We know this works because we have observed a drop in the number of devices infected by new payload versions after Play Protect started detecting Cosiloon. Users can find the dropper in their settings (named “CrashService”, “ImeMess” or “Terminal” with generic Android icon), and can click the "disable" button on the app's page, if available (depending on the Android version). This will deactivate the dropper and once Avast removes the payload, it will not return again...." These instructions are as clear as mud to me. It is just gibberish. Agree or disagree?
@zapjb It makes sense to me. Google Play Protect, should automatically find the malware and either remove it automatically, or ask you if you want it to remove it. If it doesn't do that, go to Settings, then Apps and disable the listed apps, then you will be able to remove the remaining files with Avast.
Cheap Android Phones and Poor Quality Control Leads to Malware Surprise October 2, 2018 https://www.bleepingcomputer.com/ne...or-quality-control-leads-to-malware-surprise/ More details (Sophos Report): The price of a cheap mobile phone may include your privacy October 2, 2018 https://news.sophos.com/en-us/2018/10/02/the-price-of-a-cheap-mobile-phone-may-include-your-privacy/
Same here. Plus I rooted mine, studied the diagram (long ago) and know every corner of the system and it's hidden fringes
Google Warning: Tens Of Millions Of Android Phones Come Preloaded With Dangerous Malware August 10, 2019 https://www.forbes.com/sites/zakdof...reloaded-with-dangerous-malware/#2fbd0e7eddb3 Securing the System - A Deep Dive into Reversing Android Pre-Installed Apps (PDF - 902 KB): https://github.com/maddiestone/ConPresentations/raw/master/Blackhat2019.SecuringTheSystem.pdf
Unremovable malware found preinstalled on low-end smartphone sold in the US January 9, 2020 https://www.zdnet.com/article/unrem...stalled-on-low-end-smartphone-sold-in-the-us/ Malwarebytes: United States government-funded phones come pre-installed with unremovable malware
Chinese phone maker denies handset in Lifeline program came with preinstalled malware Unimax says no customer data has been compromised January 17, 2020 https://www.cnet.com/news/chinese-p...eline-program-came-with-preinstalled-malware/ Updated:
Unimax removed pre-installed malware from Assurance Wireless’s government-subsidised UMX U683CL smartphone March 3, 2020 https://mspoweruser.com/unimax-remo...-government-subsidised-umx-u683cl-smartphone/ Updated:
How pre-installed adware can cause trouble for mobile users July 6, 2020 https://betanews.com/2020/07/06/pre-installed-mobile-adware/ Kaspersky: Pig in a poke: smartphone adware
We found yet another phone with pre-installed malware via the Lifeline Assistance program July 8, 2020 https://blog.malwarebytes.com/andro...-malware-via-the-lifeline-assistance-program/ DarkReading: More Malware Found Preinstalled on Government Smartphones
hi but xiamo is the new meizu , or are diffrent brands may i know what custom miui rom did you install? thanks
Chinese Court Finds Gionee Guilty Of Planting 20 Million Phones With Malware December 6, 2020 https://www.outlookindia.com/websit...licting-20-million-phones-with-malware/366410
I have a UMX U683CL which received a software update by the vendor in late Sept. 2020 and now appears to have HiddenAds malware on it. After ads began popping up everywhere and a new wallpaper unexpectedly appeared, I installed Securion OnAV (a free mobile AV that was highly rated by AV-T), which twice detected and removed threats so far. Google Play Protect found nothing. I don't use it for anything sensitive like banking, but it's a shame nonetheless.
Updating my above post: the Securion AV found one more threat but missed two, which I had to delete manually. Notably, Google Play Protect didn't find any of them. The vendor issued another security update this week; after the update, the malware seems to be gone. Battery usage has improved greatly, and Chrome no longer pops open when I unlock the phone. (Interestingly, the vendor openly installed a legitimate "News" app that served sponsored ads every 6 hours, but it was easy to disable. I suppose they have to monetize the cheap phones somehow.)
The malware (Trojan.UMX) has returned with a vengeance, repeatedly installing adware that pops ads over the screen. The adware installations have defeated Securion, Avira, and Dr. Web antimalware products so far; I'm now trying Bit Defender Free. Although the underlying Trojan can't be removed except by the vendor, I had hoped an antimalware product could at least have prevented the well-known Hidden Ads adware from being reinstalled over and over. (Other cheap phones by the same Lifeline provider reportedly have the same malware problems, so replacing the phone isn't an option at this point.)
Counterfeit versions of popular mobile devices target WhatsApp and WhatsApp Business Experts found backdoors in budget Android device models designed to target WhatsApp and WhatsApp Business messaging apps August 23, 2022 Doctor Web identifies attack on WhatsApp and WhatsApp Business messengers installed on counterfeit Android devices