Attention! Over 140 apps preinstalled on Android contain malware

The security company Kryptowire has a habit of releasing its report of malicious applications on Android smartphones every year. In this year’s report, the company discloses the discovery of 146 potentially Android dangerous malware apps.

Kryptowire concluded that all applications in question come preinstalled on Android smartphones. This means that users cannot avoid this malware apps unless they do not buy any of the models of the targeted brands.

The findings of this report demonstrate that these 146 malicious applications are available across 29 different manufacturers. Many of them are smaller brands – like Cubot or Doogee – but we also have famous brands like Samsung, Xiaomi or Sony on the list.

Some of these applications may change smartphone permissions

The Kryptowire report details some of the security holes caused by these applications. Among a lot of harms, we can highlight the ability to record audio, change smartphone settings or even change the permissions granted to them.

The big thing is that all this happens without the user realizing it. As if it were not enough that the user has no decision-making power in their installation, there is no way to know what these applications do on their equipment.

Android malware apps: Kryptowire believes there is a solution to the problem

For Angelos Stavrou, CEO of Kryptowire, Google could play an active role in preventing this scenario. For him, the US company could, among other things, be more careful in code analysis.

“In the race to create cheap devices, I believe that the quality of software is being eroded. In a way that exposes the end user.” said Angelos Stavrou.

According to Wired, the company responsible for this study began communicating its findings to Google and other manufacturers in the summer. However, not all believe in the seriousness of Kryptowire’s claims.

One such case is Samsung, which says that all necessary measures are already in place. In that sense, the South Korean company sees no reason to change its policies after this report.

Already on the side of Google, several measures to prevent this scourge have already been taken. However, the effort cannot be entirely Google’s. And developers also have to fight to stop this type of software.

App Defense Alliance

It is worth to mention that Google has now formed an alliance with third-party protection services to end malware apps before it reaches the Play store. This alliance “App Defense Alliance” is formed by Google, ESET, Lookout and Zimperium. The idea is to collaborate to share information and improve malware detection, especially before it reaches users.

This alliance involves a secure two-way communication system between Google and its partners. To share information about threats, samples, detection systems and feedback their systems through the results of the other allies.

In practice, it means that Google will share with these companies the pending applications to publish on Play store. To make use of an extra pair of eyes. And try to stop malware and PHA (potentially harmful applications) before they reach the Play store.

Partners of the App Defense Alliance can send a request to the Google Play Protect scanner service. To have an app analyzed. The GPP scanner service then sends back the scan results directly to the partner. This direct communication also allows GPP to send requests. To partner’s scanner services and receive results from the partner’s scanning engines. This will generate new app risk intelligence as apps are waiting to publish. Partners will analyze that dataset and act as another. Vital set of eyes prior to an app going live on the Play Store.