Attention! Over 140 apps preinstalled on Android contain malware

Android malware

The security company Kryptowire has a habit of releasing its report of malicious applications on Android smartphones every year. In this year’s report, the company discloses the discovery of 146 potentially Android dangerous malware apps.

Kryptowire concluded that all applications in question come preinstalled on Android smartphones. This means that users cannot avoid this malware apps unless they do not buy any of the models of the targeted brands.

The findings of this report demonstrate that these 146 malicious applications are available across 29 different manufacturers. Many of them are smaller brands – like Cubot or Doogee – but we also have famous brands like Samsung, Xiaomi or Sony on the list.

Some of these applications may change smartphone permissions

The Kryptowire report details some of the security holes caused by these applications. Among a lot of harms, we can highlight the ability to record audio, change smartphone settings or even change the permissions granted to them.

The big thing is that all this happens without the user realizing it. As if it were not enough that the user has no decision-making power in their installation, there is no way to know what these applications do on their equipment.

Android malware apps: Kryptowire believes there is a solution to the problem

For Angelos Stavrou, CEO of Kryptowire, Google could play an active role in preventing this scenario. For him, the US company could, among other things, be more careful in code analysis.

Gizchina News of the week

“In the race to create cheap devices, I believe that the quality of software is being eroded. In a way that exposes the end user.” said Angelos Stavrou.

According to Wired, the company responsible for this study began communicating its findings to Google and other manufacturers in the summer. However, not all believe in the seriousness of Kryptowire’s claims.

One such case is Samsung, which says that all necessary measures are already in place. In that sense, the South Korean company sees no reason to change its policies after this report.

Read Also:  Samsung promises to be faster with One UI 6.0 update

Already on the side of Google, several measures to prevent this scourge have already been taken. However, the effort cannot be entirely Google’s. And developers also have to fight to stop this type of software.

App Defense Alliance

It is worth to mention that Google has now formed an alliance with third-party protection services to end malware apps before it reaches the Play store. This alliance “App Defense Alliance” is formed by Google, ESET, Lookout and Zimperium. The idea is to collaborate to share information and improve malware detection, especially before it reaches users.

This alliance involves a secure two-way communication system between Google and its partners. To share information about threats, samples, detection systems and feedback their systems through the results of the other allies.

In practice, it means that Google will share with these companies the pending applications to publish on Play store. To make use of an extra pair of eyes. And try to stop malware and PHA (potentially harmful applications) before they reach the Play store.

Partners of the App Defense Alliance can send a request to the Google Play Protect scanner service. To have an app analyzed. The GPP scanner service then sends back the scan results directly to the partner. This direct communication also allows GPP to send requests. To partner’s scanner services and receive results from the partner’s scanning engines. This will generate new app risk intelligence as apps are waiting to publish. Partners will analyze that dataset and act as another. Vital set of eyes prior to an app going live on the Play Store.

Source/VIA :
Previous Strategy Analytics expects Apple to lead the 5G market in 2020
Next Google Drive backup stops working on Android mobile devices


  1. Chris Yates
    November 16, 2019

    The apps in question are not ‘malware’, which, by definition, is an app that is coded with the intent to harm the user’s device. Rather, these apps contain security ‘holes’ or vulnerabilities that actual malware can exploit if such apps are downloaded. I think you should change the title to reflect that, as the Wired article and official report do.

  2. Sam130Hill
    November 17, 2019

    Great article. Was so happy to see the list of 29 phones and mine wasn’t on it. The other list of 149 apps gave me equal joy. Oh snap, no lists, I am so embarrassed. You would make a pimple on a reporter’s butt. You ain’t even a good pencil holder.

    • Guest
      November 18, 2019

      where can i find out wotch apps are affected?

  3. robert distasio
    November 17, 2019

    I knew it!

  4. Sam130Hill
    November 18, 2019

    Got no idea. Guess you need to ask the DA keyboarder