The Google security team claims that millions of brand new Android smartphones contain malware that is installed at the factory.If we accept this statement as a fact, there is an additional risk for users, which is much more serious than installing malware from Google Play.
As a rule, people trust just bought devices, considering them to be absolutely safe. Meanwhile, pre-installed malware can be extremely dangerous. One such program can download another malware on the smartphone in the background, commit fraud with advertising, and even gain complete control over the device.
Pay attention to the fact that some Android smartphones can include up to 400 pre-installed applications – what is called “out of the box”. More often than not, the average user does not even notice them.
Google Project Zero expert Maddie Stone, who shared a report from the security team at the Black Hat conference, expressed her concerns about the pre-installed malware.
«If malware or security issues come as preinstalled apps, then the damage it can do is greater, and that’s why we need so much reviewing, auditing and analysis», — claims Stone.
The Google Project Zero specialist means budget smartphones based on the Android Open-Source Project (AOSP). AOSP is a cheaper alternative installed on budget devices.
In other words, smartphone users from major corporations like Samsung or Google have nothing to worry about.
The Google team did not disclose specific brands, but it is reported that more than 200 smartphone manufacturers have been tested.
“For an attacker the benefit of supply chain compromise is that they only have to convince one company to include their app, rather than thousands of users”, — Stone warned.
Particular concern raised especially virulent malware campaigns: Chamois and Triada. Chamois generates various flavors of ad fraud, installs background apps, downloads plugins and can even send premium rate text messages. Chamois alone was found to have come installed on 7.4 million devices. Triada is an older variant of malware, one that also displays ads and installs apps.