Who would have thought that phones are not safe anymore to use because millions of apps get installed automatically on your phones and you won’t have any idea about that? Google’s own security research team said that millions of phones that are being bought nowadays come with pre-installed malware. You might have read the news about millions of apps that are dangerous for the phones but this; this is different and far more dangerous than those apps. And also dangerous for the new users who have no idea that the device they are buying and trusting with their personal information already has some of the malware that can download other malware in the background, commit ad fraud, or even take over their device.
Android is a struggling open source community which is great for improvements but not so great when threat actors seize the opportunity to hide malware in basic software loads that come on boxed devices. New phones can have as many as 400 apps that we tend to ignore. But it transpires that many of those apps have not been scrutinised. The apps may come handy so we can be forgiven for not considering that risk.
“If the virus comes pre-installed in our phones then the damage it can do to our phones is way greater that is why we need so much auditing, reviewing and analysis”, warned by Maddie Stone, the security researcher with the Google’s Project Zero.
She further says that the more dangerous thing is that the malware selling companies only have to convince one company to buy their product and after that, all the phones have their products and whoever buys the phone will be affected by the product.
Google team did not disclose any company’s name but it says that over 200 companies are buying this product and putting them in their phone’s systems.
We got names of two companies that are selling particularly virulent malware: Chamois and Triada. Triada is an old malware that displays ads and installs apps. Chamois generates various flavors of ad fraud, installs background apps, use premium-rate text messages and downloads various plugins. This product was found to be installed on 7.4 million devices.
Google is trying to generate a strategy by which the phones can be made safe from this malware. Meanwhile, the usual advice is to download the apps from the play store and not to download the apps that come from an unknown source. But you cannot do much if these threats come preinstalled. That is why this is getting dangerous. For protection, we need to follow Google’s advice and trust our manufacturers.