Android phones from small-time smartphone manufacturers are more likely to fall victim to preinstalled malware and exploitation of Android's open-source system than phones from major manufacturers or iPhones, a former member of the Android Security team, who is now a researcher on Google's Project Zero, has found.
The idea behind this discovery is that Android is an open-source operating system, which means that anyone can use it, but this has opened a door that hackers can exploit to sneak in dangerous malware.
Google researchers found 7.4 million Android devices that contained preinstalled malware, and this malware can take over the device, download applications in the background, or monitor the user's activities.
“If malware or security issues can make its way as a preinstalled app, then the damage it can do is greater, and that’s why we need so much reviewing, auditing, and analysis,” said Maddie Stone, a security researcher on Google’s Project Zero.
The researcher said that Android phone companies are affected differently, with the problem less likely to affect major smartphone manufacturers like Samsung and LG. Smaller phone manufacturers, however, are potentially vulnerable to these kinds of malware.
Attackers often hide malware in apps that appear useful and working, and over time try to infiltrate the device. Users tend to focus on the security of what they install, which feeds the notion that downloading only “secure applications” prevents malware attacks. Preinstalled malware is a different problem: it is already installed on the device, which makes it harder to locate and get rid of.
According to Stone, speaking about her research at the Black Hat cybersecurity conference in Las Vegas on Thursday, preinstalled malware is the main security threat compared with downloadable malware, yet it is not given much attention.
On iOS, preinstalled malware isn't much of a concern, since Apple has full control over the iPhone. Many harmful apps end up on phones because their makers get phone manufacturers to include them, believing they are safe applications that will benefit the phone's system.
The Android security team discovered two major pieces of malware, called Chamois and Triada. Together they were able to infect a number of phones from the day the phones were shipped. However, Google did not pinpoint which brands of phones were affected by the malware.
Chamois is an ad-fraud operation that relies on installed applications. It generates fake traffic through pop-up ads, automatically installs other apps in the background that are designed for premium SMS fraud, and executes additional plugins.
Users who had the malicious apps installed were unlikely to find them easy to remove, since the apps didn't appear in the device's app list.
Although it may be unclear whether the apps' creators had malicious intent, the apps still pose a threat to users however we look at it. They affected millions of devices and spied on people's web activities by using Google Play products, and this allowed potential hackers to run code remotely.
Because these apps are preinstalled, the threat is that they remain hidden and cannot be traced, since they don't have an icon, leaving users unaware of the underlying truth that their device is already infected.
The difference with preinstalled malware is that attackers only have to trick phone makers into installing it to affect millions of people, whereas other hackers have to get people to download their applications.
“If you are able to infiltrate the supply chain out of the box, then you already have as many infected users as how many devices they sell,” Stone said. “That’s why it’s a scarier prospect, and I really hope more researchers join us in vetting these processes.”
Precautions are needed when handling downloadable files or applications, since some applications may contain malware that poses a threat to your security. Google is slowly resolving the issue of preinstalled malware applications, and in doing so providing the security that all users are entitled to when purchasing a product.