Have you received a notification about UpgradeSys? This is an app that can be found pre-installed on some Android devices and that is classified as a potentially unwanted application (PUA). This app does NOT come pre-installed on all Android devices. In fact, until recently, it was believed that it was installed only on devices sold online by low-reputation vendors. Some recent reports show, however, that legitimate vendors might be selling devices with this app as well. How has this happened? That is something that we still need to figure out, but it was found that the company that has created this app is also responsible for Adups, which is a much more vicious and intrusive app that came pre-installed on Android devices back in 2016. Whether or not the company has overlooked the issue again or planted the app intentionally is unknown, but with more and more information flowing it, the pressure is on. Hopefully, the company will delete UpgradeSys.
If UpgradeSys is installed on your device, you can recognize it by checking the list of apps. You can also identify it by package names (com.adups.fota.sysoper and com.fw.upgrade.sysoper) and an .APK file called “FWUpgradeProvider.apk”. Although it was created by the same company that is responsible for Adups, it is hard to compare the two. The Adups app infected over 700 million devices, and it was capable of collecting personal information. According to our research, it could record messages, call history, contacts information, technical device and operating systems details, and similar information. Needless to say, this app was classified as a threat to the virtual security. At the moment, it does not look like UpgradeSys can be classified as a malicious app. The only unnerving thing is that this app has the ability to download and update apps and that it can do it without authorization. In theory, if the device was not protected by antivirus, the app could potentially download malware without alarming the user. In practice, it is unknown if the PUA is used in such a manner. If any data about this comes up, we will inform you about it as soon as possible.
As you might know, pre-installed apps on mobile devices cannot be deleted. Despite that, they can be disabled, which is why it is surprising that UpgradeSys cannot be disabled. If you go to Settings->Apps and tap the app, you will find that the “Disable” option is not valid. Some suggest using Debloater to have the unwanted application eliminated, but there are no guarantees that this tool would work because it has not been fully tested. Due to this, it is also unknown if using it is safe. Besides that, it does not look like there is any other option when it comes to the removal. So, what should you do in this case? It is most important to install a reliable security tool that could keep an eye on this strange PUA. If it goes on to download any unreliable programs, you want a security tool to catch and delete them right away. UpgradeSys is not the only reason to install a security tool. Android malware is on the rise at the moment, and you want to take all security measures to protect yourself against it.
N.B. It is believed that, in most cases, Android devices that have UpgradeSys pre-installed on them are sold by less reliable vendors. This is why it is recommended that you only use reliable vendors when purchasing mobile devices. In case the PUA is found on a device sold by a reliable company, you should contact them to discuss the possibility of exchanging the product.