10 million Android devices are preinstalled with malicious code from the factory

At the Black Hat event in the US last weekend, Maddie Stone, a Google Project Zero project security expert, warned that bad guys have compromised with the manufacturer to install malicious code.

Specifically, about 10 million Android devices from more than 200 manufacturers have been found to install malicious software right at the factory rather than waiting for users to accidentally install. These malware are covered by the manufacturer's available applications, so users will find it difficult to detect.

After reaching the users, malicious code will silently download and install other underground software on their device. After that, they will display ads, steal information or hijack the device.

Stone said bad guys only need to compromise with a few manufacturers, not trying to seduce users as malicious applications will work on millions of devices.

Android is an open operating system, allowing manufacturers to easily customize software and install many things. Google cannot strictly control such things because the Android ecosystem is now extremely large and this is the reason why the phone has been installed maliciously since the factory was shipped.

There are detected phones that are pre-installed to 400 applications right from the factory, some of which appear as a useful application so censors are hard to detect.

In 2017, Google discovered 7.4 million Android devices infected with a malicious code called Chamois, capable of sending high-cost messages, displaying advertisements, downloading plug-ins and applications. background use. By March 2019, Google had reduced the number of Chamois "victims" to just 0.7 million.

1. 238 applications found on Play Store contain malicious code that paralyzes smartphones