Google research finds pre-installed malware on millions of Android smartphones
Maddie Stone, the previous tech lead of Android Security team and now a security researcher on Google’s Project Zero presented findings at the Black Hat cybersecurity conference in Las Vegas. In the research, she stated that factory-installed malware on Android smartphones is an entirely different level of threat from harmful apps and malware installed through the Play Store. Android’s open-source operating system allows individuals to slip in malware into smartphones unnoticed before they ship out to the world.
Stone stated that pre-loaded malware is a threat that is often overlooked, as most users who fall victim to malware downloaded the app on their own. Pre-loaded malware is more to difficult to find and remove than downloaded ones.
Stone added, “If malware or security issues can make its way as a preinstalled app, then the damage it can do is greater, and that’s why we need so much reviewing, auditing, and analysis.”
Two particular malware campaigns, namely Chamois and Triada, were found hidden in pre-installed apps. The two malware threats infected millions of low-budget Android devices out of the box. Smartphones from big-name companies such as Samsung, LG, Google’s Pixel devices, are most likely safe from the pre-installed malware threat.
Google has stated that they are working to help manufacturers screen smartphones for malware. Stone also noted that from March 2018 to March 2019, Google has reduced the number of affected devices from 7.4 million to 700,00.