Google flags preinstalled malware as hidden threat on millions of Android phones

Maddie Stone, a security researcher on Google’s Project Zero and a former tech lead on the Android Security team, flagged preinstalled malware on millions of new Android smartphones as a hidden threat that requires more attention.

Stone shared her team’s findings at the Black Hat USA 2019 conference in Las Vegas, in a presentation in which she said that a smartphone may have as many as 400 preinstalled apps out of the box. This is a major problem because attackers are attempting to hide malware in the preinstalled apps, as it is easier to convince one manufacturer to agree to a preloaded app than to convince thousands of users to download an infected file.

“If malware or security issues come as preinstalled apps,” Stone warned, “then the damage it can do is greater, and that’s why we need so much reviewing, auditing, and analysis.”

The risk affects the Android Open Source Project, which is a lower-cost alternative to the full version of Google’s mobile operating system. AOSP is installed in cheaper smartphones to keep the price tag down, but unsuspecting customers are in danger of purchasing devices that come with preinstalled malware.

While this means that Android smartphones released by Google and partners such as Samsung are generally safe from the risk, Google’s Project Zero discovered more than 200 manufacturers who have launched devices with hidden malware. One particular malware of concern is Chamois, which, upon infecting a device, generates ad fraud, installs background apps, downloads plugins and even sends text messages at premium rates. In March 2018, Stone’s team found Chamois preinstalled in 7.4 million Android devices.

Google’s Project Zero has been working with device manufacturers to address the issue, and that has helped reduce the number of smartphones preinstalled with Chamois to only 700,000 between March 2018 and March 2019. Stone, meanwhile, called for security researchers to place a bigger focus on preinstalled malware as a security threat, as the attention is often directed towards malware that people are tricked into downloading themselves. Then again, even Android antivirus apps have been shown to provide inadequate malware protection, according to a study from earlier this year.

Stone’s Black Hat presentation follows a study from June that claimed 43% of Android apps were found to have vulnerabilities, while 38% of iOS apps had the same issue.

Aaron Mamiit