Sprint Sold Phone With Chinese Malware, Cybersecurity Firm Claims

According to cybersecurity firm Malwarebytes, one of Sprint's prepaid brands sold a phone that contained pre-installed malware from China. Sprint disputes those allegations.

Mike Dano, Editorial Director, 5G & Mobile Strategies

January 9, 2020

3 Min Read
Sprint Sold Phone With Chinese Malware, Cybersecurity Firm Claims

According to cybersecurity firm Malwarebytes, one of Sprint's prepaid brands sold a phone that carried not one but two pre-installed, malicious applications developed in China. And if that isn't bad enough, Sprint used subsidies from the US government to sell the phone to low-income Americans.

Sprint, however, disputes the allegations. "We are aware of this issue and are in touch with the device manufacturer Unimax to understand the root cause, however, after our initial testing we do not believe the applications described in the media are malware," the operator said in a statement to Light Reading, without providing details.

As noted in his lengthy post on the topic, Malwarebytes' security researcher Nathan Collier said he purchased the Unimax U686CL Android smartphone from Sprint's Assurance Wireless brand. The brand, run by Sprint as a subset of its soon-to-be-discontinued Virgin Mobile prepaid brand, receives subsidies from the US government's Lifeline program, which is designed to help low-income Americans on programs like food stamps get access telecommunications services.

The U686CL is not listed under Assurance Wireless's supported phones, but the brand does offer other phones from well-known Chinese brands, including ZTE and Coolpad.

Malwarebytes' Collier said that two of the Android applications on the Unimax phone -- applications that were already installed in the phone when he purchased it from Sprint's Assurance Wireless -- closely resemble malware from China.

Specifically, the "Wireless Update" Android application on the phone is intended to provide updates to the Android operating system, but Collier wrote that "it is also capable of auto-installing apps without user consent."

"The app is actually a variant of Adups, a China-based company caught collecting user data, creating backdoors for mobile devices and, yes, developing auto-installers," Collier wrote.

The other potentially malicious app is the device's own Settings function.

Collier noted the code in the phone's Settings app appeared to contain heavily obfuscated malware that originated in China and is designed to retrieve advertising malware called HiddenAds. Collier said that Malwarebytes was not able to get the Settings app to access the additional advertising malware, but that "our users have reported that indeed a variant of HiddenAds suddenly installs on their UMX mobile device."

What this means
Given that Sprint disputes Malwarebytes' findings, it's difficult to assess exactly what's going on here.

That said, the news certainly hits on some hot topics in the telecommunications industry, the wider technology sector and the global geopolitical landscape in general. That's because the Trump administration is locked in a bitter trade war with China, and is also embarking on a campaign to block China's Huawei from the global 5G market. US officials argue that Huawei's telecommunications equipment -- including its phones and its networking gear -- can be used by the Chinese government for espionage. Huawei has loudly disputed that allegation.

What is clear though is that as the world becomes increasingly digitized, hacks and cyber attacks are becoming increasingly common from both private and state-sponsored sources. And this situation will continue to drive attention in cybersecurity on individual, corporate and national levels.

Mike Dano, Editorial Director, 5G & Mobile Strategies, Light Reading | @mikeddano

About the Author(s)

Mike Dano

Editorial Director, 5G & Mobile Strategies, Light Reading

Mike Dano is Light Reading's Editorial Director, 5G & Mobile Strategies. Mike can be reached at [email protected], @mikeddano or on LinkedIn.

Based in Denver, Mike has covered the wireless industry as a journalist for almost two decades, first at RCR Wireless News and then at FierceWireless and recalls once writing a story about the transition from black and white to color screens on cell phones.

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like