Header Ads

Google finds malware in pre-installed apps!

Harmful malware found in brand-new Android smartphones according to a security researcher on Google’s Project Zero.
Unsuspecting users of Android smartphones

There are dangers in this pre-installed malware as some can download other malware in the background, execute ad fraud and control the smartphone itself.

Should Android users worry?

Maddie Stone, a Google security researcher, stated that factory-installed malware on Android smartphones is a completely different level of threat from harmful apps and malware installed through the Play Store. "If malware or security issues come as preinstalled apps," she warned, "then the damage it can do is greater, and that's why we need so much reviewing, auditing, and analysis."

Since Android is an open-source community, it is a great platform for innovation but this also allows individuals to slip in malware into smartphones unnoticed before they ship out to the world.  The Google team didn't share any details of the brands of phones involved, but more than 200 smartphone manufacturers failed the testing, with malware allowing the devices to be attacked remotely. Smartphones can have as many as 400 apps factory-installed, many of which users just ignore.

There were two particular malware concerns found in pre-installed apps, Chamois and Triada. Chamois was present in 7.4 million devices and it can risk users with the following activities: generates different ad fraud, installs background apps, downloads plugins and send premium-rate text messages. Same goes with Triada, it’s an older variant of malware that also displays ads and installs apps.

These two malware threats infected millions of cheap Android devices out of the box. Smartphones from Samsung, LG, Google’s Pixel devices are probably more secured from them. There is not much we can do about the situation since these threats come with pre-installed apps, that's why this is posing a serious risk. We just have to trust the smartphone manufacturers to abide by Google in using a screening software to entirely remove these threats.

What are your thoughts on this security issue?

Source: Forbes
Powered by Blogger.