Security researchers always advise Android users to be careful while downloading apps from the Google Play Store. But what about pre-installed apps in Android phones? Recently a security research company stated that pre-installed apps and firmware pose a risk due to vulnerabilities (bugs). The researchers found over 140 bugs in preinstalled apps which could be exploited for malicious purposes.
What these apps were capable of doing?
In a report published by Kryptowire, security researchers mentioned that they have uncovered 146 bugs on pre-installed apps on low-end Android smartphones that would do malicious stuff. This includes a range of things such as turning the microphone on for spying on users or establishing a remote connection with a malicious server and transmitting data from the phone without the explicit permission of the user. The researchers found that the vulnerabilities could have a serious impact on the privacy of a user if exploited.
Surprisingly, these apps were offered by some leading phone makers
These bugs were found after analysing 29 different manufacturers like Cubot and Doogee. Now, the surprising bit is, this list doesn’t just include low-key smartphone brands like Cherry and Cubot but also some big industry leaders like Samsung, Sony, Xiaomi, and ASUS. Notably, Samsung devices had 33 vulnerable apps while Xiaomi had 15.
No word on the action taken
The report from Kryptowire only highlighted the vulnerability but there’s no clarity on how the smartphone makers would deal with this issue. According to CNET, an average Android devices come with almost 100 to 400 pre-installed apps so it seems like Google will have a lot of work to monitor and evaluate the amount of apps before they are installed.
Currently, neither Google nor the smartphone companies have commented on the matter, but we hope that soon the developers and manufacturers would take the issue into notice and take necessary action to keep their customers safe.
2 comments
These android vulnerability articles are starting to grow old ey. It’s well known that apps be they iOS or Android apps have vulnerabilities which can be exploited with enough effort and know-how. The recommendation is to always keep apps up to date as devs are always working to patch the vulnerabilities. Android apps have more malware (different from vulnerabilities) due to the more automated, faster and less restrictive review process that Google uses. These articles are starting to seem like you wanna scare people away from android…
In this instance the phone manufacturers can really do nothing as most of the apps you’re referring to are third party apps such as WhatsApp (which was recently found to have a major vulnerability which evades both iOS and android). They can only hope the dev patches it in time.
Very wise words. If get too serious with all these privacy issues we might never use our devices. Not implying that privacy is not important.