Please select To the mobile version | Continue to access the desktop computer version

ulefone Official Forum

Search
View: 6921|Reply: 70

[Discussion] Ulefone's Power comes with malware installed [Ulefone official has replied]

[Copy link]

2

Threads

21

Posts

72

Credits

Member

Rank: 2

Credits
72

Thanksgiving Day1K Forum Membersulefone Power

Post time 2016-9-30 05:55:08 | Show all posts |Read mode

Sign up now, Make more friends, Enjoy with more features, Let you easily Fun Community.

You have to Login for download or view attachment(s). No Account? Register

x
Edited by Alex at 2016-11-23 10:49

So last week I received my Ulefone Power and at first I thought it was a great little smartphone, until I discovered the malware on it

I extracted the phone's android 6 rom onto my computer and run an anti-malware scan across it with 55 different anti-malware engines (thanks for VirusTotal for providing that service). And guess what, an application called Search Service, aka CallerIdSearch.apk is actually a Trojan. It would seem that this app has permission to do pretty much anything from, installing software without any notification to the user, to, reading and modifiying the files on my device. Interestly though, even when this app is forced stopped and disabled, it still continues to run. I've been monitoring this app very carefully and I've noticed it's opening connections all over the place.

So where has this malware come from? Well, interestingly this malware is packed into the Android rom available for download through your website, clearly indicating that you've put it there. So my next question is why? Then the next question is how are you going to fix this ?

The VirusTotal report is here: https://virustotal.com/en/file/ed3ade7c76c5c78a6198a4c38d696e82d5ef2ad45e5bdda323ee4c770744bbbb/analysis/

The NVISO report is here: https://apkscan.nviso.be/report/show/b2b55bb69fbed7b12bfeaf9f3c89d639

【Ulefone official reply】First, http: //www.heise.de/newsticker/meldung/Millionen-Android-Smartphones-mit-Rootkit-ab-Werk-3493715.html
This article reports the problem, we and BLU are the same software unlimited upgrade service providers. BLU's services have more content, loopholes being used by others. And ulefone has no effect, because the BLU problem, resulting in service providers by some anti-virus software as a malicious program. Therefore, ulefone wireless upgrade is safe, Ulefone is a 10-year-old hardware manufacturing company.We will only provide pure system.late ulefone service providers will also get Google certification before the OTA. If you are concerned about security issues before, please do not make an infinite upgrade. You can use the ulefone official PC upgrade.

unnamed.jpg

1

Threads

42

Posts

362

Credits

Intermediate Member

Rank: 3Rank: 3

Credits
362

Thanksgiving DayHappy Halloween

Post time 2016-10-6 00:18:27 | Show all posts
I just discovered the same malware on my one-month-old Ulefone Power and a web search brought me here.

I have to say that I am shocked not only by the fact that the official ulefone firmware contains a root malware that is able to gather all personal data from the smartphone but even more so that the post by AndyGB is now almost a week old and ulefone hasn't even responded to it by now.

Guys, this is damn SERIOUS. Your official firmware contains a ROOT MALWARE.

If there won't be an immediate response by ulefone, apologizing and explaining what they are going to do about this I propose that AndyGB, me and all the other affected Ulefone users employ all social media channels to warn people against Ulefone and their malware-contaminated smartphones.

Comments

Hi, how can i check if my phone is concerned by this malware ?  Post time 2016-12-22 00:56

0

Threads

6

Posts

30

Credits

Newbie

Rank: 1

Credits
30

Thanksgiving Day1K Forum MembersGiveaway Participants

Post time 2016-10-6 03:16:48 | Show all posts
It's been on there since the last OTA update.  I've disabled the service  

1

Threads

42

Posts

362

Credits

Intermediate Member

Rank: 3Rank: 3

Credits
362

Thanksgiving DayHappy Halloween

Post time 2016-10-6 03:38:44 | Show all posts
Edited by timar at 2016-10-6 03:41

Disabling it won't truely disable it, since it continues to work disguised on the system level. The only way to get rid of it for sure is to root your device.

0

Threads

6

Posts

30

Credits

Newbie

Rank: 1

Credits
30

Thanksgiving Day1K Forum MembersGiveaway Participants

Post time 2016-10-9 22:20:25 From the mobile phone | Show all posts
At least it has got rid of the annoying advertising pages popping up !  Just need to get a decent Cyanomodgen build for it now

1

Threads

42

Posts

362

Credits

Intermediate Member

Rank: 3Rank: 3

Credits
362

Thanksgiving DayHappy Halloween

Post time 2016-10-10 01:24:58 | Show all posts
Edited by timar at 2016-10-10 01:39

STILL no response from Ulefone?

It's simply incredible how they keep ignoring us and thereby trashing their reputation. They don't need any exploding batteries to achieve that, they simply put malware into their stock ROMs and decide to put their heads into the sand when people find out about it.

The malware issue is known for several WEEKS now (first affecting the Ulefone Metal) and it would have taken only a few hours to remove the malware from the existing ROMs for the Metal and the Power, do a quick test and release an update (like Rusian has done for the Metal ROM). It's absolutely inconceivable why Ulefone hasn't done that long ago - expect if you assume that they have purposefully installed the Malware on their devices and are financially benefiting from it. But that seems even more absurd - who in their right mind would risk to forever ruin their company's reputation for a small short-term profit?

Anyway, folks, enough is enough. Lets go to Facebook and warn people about Ulefone!

0

Threads

9

Posts

52

Credits

Member

Rank: 2

Credits
52

Thanksgiving Day

Post time 2016-10-13 05:24:40 | Show all posts
I just created an account to say that this is totally true. I found Search Service containing Root Nik Trojan. Coincidentally, my email account was hacked one or two weeks ago from China. I installed an app called Stubborn Trojan, that checks for trojans installed on your phone. It found it immediately. Unfortunately, the trojan has been installed at root level, which means it's coming in the official ROM as I've never installed anything else. I had to root my device in order to get rid of it.
I also contacted Ulefone directly and I got no response. This is so disappointing and outrageous.

2

Threads

21

Posts

72

Credits

Member

Rank: 2

Credits
72

Thanksgiving Day1K Forum Membersulefone Power

 Author| Post time 2016-10-15 01:49:28 | Show all posts
Gray, I have already done some analysis on this malware and found that disabling doesn't actually stop it. It still continues to function exactly the same as when it's enabled.

Sadly there is no Cyanogenmod available for this handset. There is only one other third party mod from Russia, although that also contains different trojans. I have since downloaded the official rom, hacked around to remove the malware, and re-flashed it onto the phone.  A VERY painful process but I have a malware free phone (I think).

Ulefone have the same malware on other models too and recently claimed it was due to a third party provider. To be honest I don't believe this for one second. Firstly, what sort of company takes software from a "third party" without testing

I have already started commenting on YouTube, Amazon, and pretty much every online shop that sells these devices to raise awareness. Shortly the Ulefone brand will be known as the "no go" phone due to its malware unless they do something about it!

0

Threads

6

Posts

30

Credits

Newbie

Rank: 1

Credits
30

Thanksgiving Day1K Forum MembersGiveaway Participants

Post time 2016-10-16 01:01:58 | Show all posts
I've also installed noroot firewall and blocked it in there ...  still don't trust them.

0

Threads

10

Posts

64

Credits

Member

Rank: 2

Credits
64

Thanksgiving Day1K Forum Members

Post time 2016-10-18 05:21:17 | Show all posts
I am very interested in this subject. My mother´s UMi Max is almost stock android and doesn't have bloatware or malware but my friend´s LeEco Pro 1 smartphone is full of bloatware and malware and constantly having to deal with self installing apps and games, which is very annoying. Seems like a Chinese smartphones problem which only gives them bad reputation. I hope that is not the case with Ulefone Smartphones ;)
You have to log in before you can reply Login | Register

Points Rules

Quick Reply To Top Return to the list