Security researchers always advise Android users to be careful while downloading apps from the Google Play Store. But what about pre-installed apps in Android phones? Recently a security research company stated that pre-installed apps and firmware pose a risk due to vulnerabilities (bugs). The researchers found over 140 bugs in preinstalled apps which could be exploited for malicious purposes.
What these apps were capable of doing?
In a report published by Kryptowire, security researchers mentioned that they have uncovered 146 bugs on pre-installed apps on low-end Android smartphones that would do malicious stuff. This includes a range of things such as turning the microphone on for spying on users or establishing a remote connection with a malicious server and transmitting data from the phone without the explicit permission of the user. The researchers found that the vulnerabilities could have a serious impact on the privacy of a user if exploited.
Surprisingly, these apps were offered by some leading phone makers
These bugs were found after analysing 29 different manufacturers like Cubot and Doogee. Now, the surprising bit is, this list doesn’t just include low-key smartphone brands like Cherry and Cubot but also some big industry leaders like Samsung, Sony, Xiaomi, and ASUS. Notably, Samsung devices had 33 vulnerable apps while Xiaomi had 15.
No word on the action taken
The report from Kryptowire only highlighted the vulnerability but there’s no clarity on how the smartphone makers would deal with this issue. According to CNET, an average Android devices come with almost 100 to 400 pre-installed apps so it seems like Google will have a lot of work to monitor and evaluate the amount of apps before they are installed.
Currently, neither Google nor the smartphone companies have commented on the matter, but we hope that soon the developers and manufacturers would take the issue into notice and take necessary action to keep their customers safe.