Security researchers from Google’s Project Zero team recently uncovered pre-installed apps in Android devices that either allowed remote attackers to carry out remote code execution, could disable Google Play Protect in devices, or could collect information on users’ web activities.
At the Black Hat cybersecurity conference in Las Vegas, Maddie Stone, a security researcher on Project Zero and who previously served as Senior Reverse Engineer & Tech Lead on Android Security team, revealed that her team discovered three instances of Android malware being pre-installed in budget Android phones in the recent past.
One such pre-installed app was capable of turning off Google Play Protect, the default mobile security app in Android devices, thereby leaving devices vulnerable to all forms of cyber attacks or remote surveillance. The Project Zero team also found an app pre-installed on Android phones that gathered logs of users’ web activities.
Comments are closed.