Micromax Remotely Installing Adware on its Smartphones causing unwanted downloads and popups

3


Micromax is hijacking the smartphone by installing unwanted bloatware

We had informed you about Xiaomi, the Chinese smartphone manufacturer using the smartphone as a spy post by installing unwanted spyware.  Now we would inform you that even the homemade Micromax is installing unwanted adware which more often then not, hijacks the smartphone from the user.

The Micromax is number two producer of smartphones in India just behind Samsung and large number of mid end buyers and budget smartphone buyers are Micromax customers.

The adware issue was first noticed by a Redditor who had bought a Micromax Canvas A093 and found that his smartphone was installing Apps without his permission or knowledge

I use a Micromax A093 Canvas fire, and have been since August of last year.

I knew what I was buying from day one, and I didn’t have very high expectations. However, the phone has performed brilliantly so far – none of the usage problems I had expected – I guess the credit goes to the fact that it comes with KitKat preloaded which makes it fast and smooth despite having just 512 MB RAM.

The only slight drawback I felt was the internal memory being only 4 GB and KitKat has this limitation that you can’t install apps direct to SD card without rooting. Never mind, I just managed my app space and lived with it.

For the last month or so, I’ve noticed apps that I never installed – apps like newshunt, snapdeal, amazon.in etc. These aren’t exactly light apps, mind you – they’re atleast 7-8 MB each. Space is really short. I need to uninstall games if I want to update Whatsapp, it’s that bad. Meanwhile, looks like Micromax is installing apps without my permission, using up precious space and my 3G! Apps reappear after uninstalling them. This is ridiculous! Many times, instead of downloading apps, it creates 8-10 notifications which are advertisements for online stores and other apps. All of this happens immediately after connecting to the internet which I mostly do using airtel 3g.

I did the “long press on notification” thing and it says the app responsible for generating these notifications is SoftwareUpdate which is a System app and can’t be uninstalled and restarts automatically when disabled.

I am absolutely outraged and want to know what I can do to make Micromax stop highjacking my 3g and my internal storage space for their profit. Please help!

This was not a single smartphone issue but it was affecting many Micromax smartphones.  Many users of certain devices by  Micromax noticed apps being silently installed without their consent or permission.

As said above and as researched by a XDA Forum member the App which installs the adwares  is found to be installed in Micromax system.  Therefore this particular type of Apps cant be installed.  If you even succeed in uninstalling them, they may simply re-appear.

XDA Forum member Diamondback has analysed this rouge App in Micromax by tearing down the App:

The Evidence

When starting to tear down the application (which is actually called FWUpgrade.apk on your filesystem), the first thing you notice is that it’s a third-party application. A Chinese company named Adups developed it as a replacement for the stock Google OTA service. Apparently, Micromax decided to use it instead of the stock one. The first hurdle you need to take for further analysis is the byte code level obfuscation, and most of the sources are really not a pleasure to read. However, if you know what you’re looking for, the app can’t hide its true nature. The evidence presented here starts out with a bit of code that shows you the potential abilities of this app and closes off with something even more interesting.

Let’s start with the silently installed apps. To do this from within another app, you either need to use the Android PackageManager API directly, or issue the installation commands from a shell. The second case is true here, as the following pieces of code show (note: this is simplified java code, the actual code looks a bit different due to the obfuscation):

StringBuilder sb = new StringBuilder(“pm install -r “);
sb.append(s2);
String cmd = sb.toString();

Here you can see a newly created StringBuilder containing the command pm install, followed by s2, which in this case is a string variable containing a file system path to a downloaded apk file. The finished string then gets passed to a new method doing something like this:

ProcessBuilder processbuilder = new ProcessBuilder(cmd);
Process process = processbuilder.start();

Here you can see that the string with the shell command is used to start-up a process which executes said command and in fact silently installs the apk file. At this point we can be fairly certain that the OTA check service in Micromax ROMs can not only download and flash system OTAs but also has the ability to silently install apps. This in itself doesn’t mean too much as it’s not necessarily a bad thing, but there’s more to come.

The Adups advertorial advertises the following which Diamondback linked to the processes



Micromax Remotely Installing Adware on its Smartphones causing unwanted downloads and popups

There you have it, in the company’s own words. App push service. Device Data Mining. Mobile advertising. That matches pretty nicely the initial report on reddit, don’t you think? So, the bad guy here is in fact Micromax since these are official features of the app by Adups, and it’s more than likely that Micromax is getting revenue from the forced app installs and notification ads. They also chose to go with this provider and not use their own servers together with Google’s stock OTA service, so they were fully aware of what impact this would have on their users.

Temporary Solution

Diamondback has also given a temporary solution to get rid of this bloatware and data mining App server.

1. Root your device

The first and most important step is to root your device. A rooted device allows you to do much more than your stock phone would allow, and is a critical step in all system modifications. Since there are quite a few different Micromax devices out there, I won’t link to any specific root exploits in this article. Instead, head over to XDA:India and search for a root exploit or guide for your device. Make sure to read everything thoroughly and follow the instructions precisely to not damage your device in the process. Also note that this will most likely void your warranty.

2. Get ADB set up

In order to continue, you’ll need to have a working ADB connection to your device. There are many guides on XDA that detail how to achieve exactly this, but for starters, here is a fairly up-to-date guide on how to download the necessary binaries and how to establish a connection to your device.

3. Disable the Software Update application

Now that you have gained root access and ADB is up and running, you can continue with disabling the dreaded application responsible for the silent installs and unwanted ads. All you need to do now is to fire up a command prompt, make sure the prompt is at the directory of your ADB binary, and execute the following command:

adb shell pm disable com.adups.fota

You can read more about the usage of this command in this tutorial about disabling apps with root access. Please be aware that this process will remove the ability for your device to search for software updates and might generate an error when trying to open the Phone update section in the settings. In case you need the app back (for example when a new update is ready) you can easily enable it again with this command:

adb shell pm enable com.adups.fota

If you cannot root your App it is better to switch to a different smartphone because such kind of Apps can cause following problems

  • Having no control over which apps are installed on your device poses a huge security risk, as you don’t get to check the permissions of the apps and you have no idea if these apps are indeed the original apps (or potentially modified in a malicious way)
  • Micromax devices don’t tend to be the highest end you can find, so storage space is still considered a luxury (at 4GB total) and having the device’s storage filled up with random apps is certainly not the best use of that precious space
  • The downloads also happen when using a mobile network, so your expensive full-speed data will reduce significantly if your phone is constantly trying to download apps you don’t even want to have

Though such kind of App behaviour is not expected of any device or any smartphone manufacturer, some manufacturers keep pushing such kind of bloatware under the envelope to avoid scrutiny.  It is hoped that there is a distinct mechanism like the legislation Canada enacted yesterday which says that no manufacturer will install software/updates without explicit approval of the user.

Long way to go till we have that kind of legislation covering all parts of the world, till then we will always have a Samsung, Sony, Xiaomi, Micromax who continue to take advantage of its buyers by installing unwanted Apps.

Resource : Diamondback’s post on XDA Forum.

3 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here