Android users have been warned about malware that comes pre-installed on a phone - and if you remove it it ends up breaking the device. Android is one of the most used pieces of software in the world, with over two billion devices running the Google mobile OS each and every month. However Android users are no strangers to security alerts, with some recent widespread threats being circulated via apps found on the Google Play Store.

Earlier this week Android fans were warned about dozens of Google Play Store apps that reportedly feature suspicious permissions and malware. This alert came hot on the heels of another Android warning about malware that is capable of downloading dangerous apps from the Google Play Store. But the latest Android warning doesn’t revolve around the Google Play Store, which is home to well over two millions apps. In fact, the issues with the latest threat arises when an Android user simply takes the device out of the box.

Android warning - Malware comes pre-installed on phone, breaks if you try to delete it

READ MORE Shock Android warning issued for these Google Play Store apps Security experts at Malwarebytes in a post online are warning Android users about malware that comes pre-installed on a phone. The Android phone in question comes with not one, but two nefarious apps. The first piece of malware poses as an updater known as Wireless Update and is capable of updating the Android phone. In fact, with the Android device in question it is the only way to update the phone’s operating system. But it also is capable of auto-installing apps without user consent. Nathan Collier, senior malware intelligence analyst at Malwarebytes said: “We detect this app as Android/PUP.Riskware.Autoins.Fota.fbcvd, a detection name that should sound familiar to Malwarebytes for Android customers.

Android users are no strangers to receiving security alerts from tech experts

Trending

READ MORE Android warning: Delete these apps from your phone or pay the price “That’s because the app is actually a variant of Adups, a China-based company caught collecting user data, creating backdoors for mobile devices and, yes, developing auto-installers. “From the moment you log into the mobile device, Wireless Update starts auto-installing apps. “To repeat: There is no user consent collected to do so, no buttons to click to accept the installs, it just installs apps on its own. “While the apps it installs are initially clean and free of malware, it’s important to note that these apps are added to the device with zero notification or permission required from the user. “This opens the potential for malware to unknowingly be installed in a future update to any of the apps added by Wireless Update at any time.” This wasn’t the only unremovable pre-installed app that Malwarebytes found on the Android phone.

Android is one of the most used pieces of software in the world

Security experts discovered the Settings app on the phone works as a “heavily-obfuscated malware” they have detected as “Android/Trojan.Dropper.Agent.UMX”. However, because the app acts as the dashboard to change the device’s settings removing it would leave the Android phone “unusable”. Malwarebytes discovered the pre-installed malware on a phone the US government has subsided for low-income workers. The device is known as the UMX U683CL and is provided by Virgin Mobile's Assurance Wireless programme. Advising affected Android users on how to respond, Malwarebytes said: “Although we do have a way to uninstall pre-installed apps for current Malwarebytes users, doing so on the UMX has consequences. “Uninstall Wireless Update, and you could be missing out on critical updates for the OS. We think that’s worth the tradeoff, and suggest doing so.

Android users have been put on alert about a threat, but this one is not via the Google Play Store