I've been a longtime user of Emsisoft anti-malware software on my laptop, and I trust Emsisoft as a company, which is why I am coming to you for help. After I installed the McAfee Mobile Security app (the pro version came included free when I bought my new laptop) on my old Alcatel POP 4S phone (which runs Android 6.0), I ran a scan, which reported that a pre-installed system app made by Mediatek, called "Device Management," was in fact malware. (The "package name" of the app is “com.mediatek.dm”.) McAfee described it as a "high threat risk" which was "designed to secretly access your device and personal data."
I then installed a number of other mobile security apps (including Emsisoft's) onto my phone to see if they could confirm that this system app was indeed malware. None of them did, with the single exception of the Sophos Intercept X app, which described the “Device Management” app as a “malicious object,” which has the ability to do just about anything it wants to on my phone without my ever knowing about it.
I'm thinking that there's a pretty good chance that this threat identification is a false positive, since most of the anti-malware apps that scanned my phone did not identify it as malware. In addition, I did internet searches to see what others were saying about this "Device Management" app, and could find hardly anything. There were a number of articles talking about the problem of pre-installed system app malware in general, but not about this particular system app.
So I was hoping you could let me know--so I can put this matter to rest once and for all--whether this particular Mediatek system app is in fact pre-installed malware that I should be worried about, or if a false alarm was issued by these two mobile security apps.
I wish to emphasize that I am not looking for help removing this system app from the phone. (In fact, I'm worried that if I tried to remove it, it would render the phone completely inoperable.) I no longer use the Alcatel as my primary phone (I transferred its SIM card to my new phone), and I no longer enter any sensitive data, such as passwords, while using it. My only concern is knowing whether I need to change the passwords that I have entered on that phone in the past. And since I have a lot of passwords, that would be a big job for me, so it's not something I want to do unless I can know with adequate certainty that this system app has indeed functioned as malware in the past.
In essence, my real question is this: Is there any actual evidence that anyone's passwords and other sensitive information have ever been remotely transmitted by this “Device Management” (com.mediatek.dm) system app without their knowledge? Or were the McAfee and Sophos apps merely speculating about the danger that might be posed by this system app?
I really appreciate your help with finding a definitive answer to these questions so that I can put my mind at ease.