TL;DR: If it’s also integrated into firmware, it has full-device access. If it’s just this specific app, per Kaspersky, it still has “elevated privileges” and can install crap. It cannot be disabled without breaking the UI.

Doing a scan without copying the apk:

As you can see from the main screenshot, the APK would have been accessible for scanning.
I copied it to the Download directory as that one gets real-time monitoring, but it will pick it up elsewhere after a scan as well.

Anyway:
VirusTotal report

Found 4 months ago by Kaspersky

And I found my device in the list on a blog post from Sophos. Unfortunately, they only provide a partial list, as they mention this affects “nearly 50 models”.

From the listed domains, with the help of strings I found launcher(dot)szprize(dot)cn, although it doesn’t seem to resolve to anything at the moment.

Also something interesting from Kaspersky:

When integrated into the firmware, the malware behaves differently depending on several factors. It will not activate if the language set on the device is one of Chinese dialects, and the time is set to one of Chinese time zones. It will also not launch if the device doesn’t have Google Play Store and Google Play Services installed.

Now what?

I’ve been using it for nearly 2 years, so there’s that…

I am thinking of contacting the retailer I bought this device from, as it’s still on sale. But I am not sure if they will care about it. Also, the only way I seem to be able to contact them is via tech support, so there’s the chance of just getting a copy-pasted answer.

As for my particular unit, I’ll probably try to update the software to the newest version to see if it’s still (visibly) present.
Unfortunately, updates on these devices are unstable as fuck, so I’ll have to deal with that. I also hope it won’t make me lose access to MediaTek EngineerMode band selection as that’s something I quite want to keep using.
Or perhaps try to return it under warranty.

Since QuickStep also controls navigation (both gestures and 3-button), it can’t be disabled even if I used an alternative launcher.
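Checking an APK for a listed domain, as the post describes doing with strings, can be scripted. The following is an added example, not the poster's commands or any vendor's tool: it inflates every entry of the APK before extracting strings, because a scan of the raw container misses text inside deflated entries. The sample APK, its entry names and the `/api` path are constructed for illustration; the only real indicator is the defanged domain quoted above.

```python
import io
import re
import zipfile

# Defanged indicator as written in the post; refanged only in memory.
IOC_DOMAINS_DEFANGED = ["launcher(dot)szprize(dot)cn"]

def refang(domain):
    return domain.replace("(dot)", ".").replace("[.]", ".").lower()

def printable_strings(data, min_len=6):
    """Yield ASCII and UTF-16LE runs, like `strings` and `strings -el`."""
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data):
        yield m.group().decode("ascii")
    for m in re.finditer(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data):
        yield m.group().decode("utf-16-le")

def scan_apk(apk, iocs=IOC_DOMAINS_DEFANGED):
    """Return sorted (entry name, domain) pairs for each IoC found in the APK."""
    wanted = [refang(d) for d in iocs]
    hits = set()
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            data = zf.read(info)  # inflate the entry before scanning it
            for s in printable_strings(data):
                hits.update((info.filename, d) for d in wanted if d in s.lower())
    return sorted(hits)

def build_sample_apk():
    """Constructed stand-in for an APK: a ZIP whose entries are deflated."""
    host = refang(IOC_DOMAINS_DEFANGED[0])
    # Constructed dex-like blob with an embedded URL (the path is made up).
    dex = b"dex\n035\x00" + b"\x00" * 64 + b"\x1bhttp://" + host.encode() + b"/api\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("classes.dex", dex)
        zf.writestr("assets/cfg.bin", ("host=" + host).encode("utf-16-le"))
        zf.writestr("res/raw/notes.txt", b"nothing of interest in this entry")
    return buf.getvalue()

if __name__ == "__main__":
    apk_bytes = build_sample_apk()
    # Scanning the container as-is misses strings inside deflated entries.
    print("visible in raw .apk bytes:", refang(IOC_DOMAINS_DEFANGED[0]).encode() in apk_bytes)
    for name, domain in scan_apk(io.BytesIO(apk_bytes)):
        print(f"{name}: {domain.replace('.', '[.]')}")
```

`scan_apk` also accepts a path to an APK pulled from a device, and the indicator list can be extended with the other domains from the vendor write-ups.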

  • Waterpumpee@lemmus.org
    1 day ago

    Change all your passwords you used with that device. Then depends, can you afford a new phone? Go with a more known brand. If you can’t, start learning Mandarin 😅

    • Yeah.
      It sucks as usual manufacturers don’t make such crazy devices. This thing has a 22,000mAh battery and quite strong light at the back. And yes, it’s a quite heavy brick (647g or 1.43lbs).

      I didn’t find anything better to compare the thickness to, so here it is next to a 1RU switch and a dumbphone:

      They have even larger phones, but this is already a second time they’ve had malware, so I don’t know about that…

      • socsa@piefed.social
        1 day ago

        If it makes you feel any better, that’s probably not a 22AH battery either. Stop buying phones on Temu.

        • Agent641@lemmy.world
          13 hours ago

          The battery life on Ulefone devices is one thing they don’t actually skimp on. I have one and it will go days without a charge. Performs as advertised. And switched off, left in a drawer for 6 months, it didn’t drop a single percentage of battery charge.

          • socsa@piefed.social
            11 hours ago

            I don’t doubt the battery is big, but a 20AH 1S battery pack is still somewhat larger than the phone in that picture.

            • Agent641@lemmy.world
              11 hours ago

              Ah… The phone in question is not the black thing in the foreground. It’s the silver thing with the gold button at the rear right. They are chonky, and yet still surprisingly heavy.

        • There’s quite a few devices like this (from other brands as well). On a full charge with heavy use it lasts me 5 days. The capacity also checked out with a USB tester, although I only tested it during charging from something like 5%.

          I could also try a discharge test, but that’s going to take around 8 hours (10W max output). If you trust whoever did this test, they got 57 hours of screen on time for video streaming: https://www.devicespecifications.com/en/editor-review/c8a7ef/9
          That has to fit somewhere.

          Anyway, I got it on Alza. I wouldn’t trust shops like that with anything above, say, EUR 50. Especially not Temu, though I haven’t used them personally. The most expensive stuff I got on Aliexpress was around that sum. Two Heltec ESP32 boards with LoRa and RTL-SDR v3 (with the antenna kit).