Published on August 14th, 2019 📆 | 4165 Views ⚑0
7 million Android phones sold with preinstalled malware & backdoors
Regardless of maker, model, cost, among other variables, any smartphone we buy has pre-installed applications from the factory. According to experts in ethical hacking, while some of these apps help the proper functioning of our devices, most are considered junk and will be disabled by the user.
The presence of pre-installed applications had not been considered as a computer security issue, at least not until now, as new reports, emerged no more or less than Google, report that there are millions of mobile devices with operating system Android that are sold with pre-installed apps infected with some malware variants, even with backdoors.
Project Zero, a security division within
Google, has conducted extensive research, uncovering multiple flaws in the
software of the devices we use every day. Although on previous occasions
malicious apps have been reported that manage to bypass Google’s security
controls and enter the Play Store, this is a much more worrying risk scenario,
as the last thing users expect to find in their new smartphone is an
application infected with malware.
Moreover, ethical hacking experts mention that,
in some cases, even if the malware is not pre-installed on the smartphone, it
is possible that some of these applications may be able to download some
malicious component. It should be remembered that, on average, a new smartphone
has a little less than one hundred pre-installed applications, counting the
visible and hidden ones in view of the end users; However, in some specific
cases the number of pre-installed apps can reach 400.
Project Zero researchers argue that
manufacturers and developers need to do better analysis and auditing to
determine the extent to which a new product available on the market is or is
unsafe. “It is necessary to focus on the analysis of smartphones related
to Android Open Source Project (AOSP), because these are the most widely used
devices”, said Maddie Stone of Google.
According to the company, the software
pre-installed on the devices of more than 200 smartphone manufacturers contains
malware; in most cases, it is possible to access these terminals remotely to
perform various malicious activities.
According to specialists in ethical hacking of
the International Institute of Cyber Security (IICS), the most prominent
finding of this research is malware known as Triada, pre-installed on about 7
million devices over the past year. This malware displays fake ads and
downloads apps in the background without the consent of the victims.
(Visited 1 2 times)