Apps preinstalled on Android phones have 146 flaws, says research

Aplikasi yang diinstal sebelumnya pada ponsel Android memiliki 146 kekurangan, kata penelitian

Some apps that come pre-installed on Android phones may have up to 146 failures, according to a report released last Friday (15) by Kryptowire, a company specializing in digital security. The problem is even more serious when it is found that the vulnerability is present in devices from 29 different companies. The research was sponsored by the United States Department of Homeland Security.

Among the main flaws found are installation of apps without user authorization, audio recording without the cell phone owner knowing, changes in system settings, among other less or more serious bugs. As the publication of the Wired, the largest volume of manufacturers are small and are concentrated in Asia, but there are also industry giants like Asus, Sony, Samsung and Xiaomi.

Android malware apps installed 335 million times

1 out of 2 Altogether, 146 flaws were found in pre-installed apps – Photo: Reproduction / Kryptowire

Altogether, 146 flaws were found in pre-installed apps – Photo: Reproduction / Kryptowire

Want to buy cell phones, TV and other discounted products? Discover Compare dnetc

The companies cited in the survey were soon notified, as soon as the study was ready. Samsung, for example, minimized the problem and said, through an official note, that Android Security does the job of protecting the user in these cases.

The magazine Wired, Tom Karygiannis, vice president of products at Kryptowire countered: «Samsung apps can be used by third parties in the supply chain to gain access to information without disclosing it or requiring permissions. The current design of the Android Security framework does not prevent let it happen today «.

2 of 2 List with the most affected manufacturers – Photo: Reproduction / Kriptowire

List with the most affected manufacturers – Photo: Reproduction / Kriptowire

In 2018, Google launched a tool called Build Test Suite, which is responsible for precisely looking for and finding this type of flaw. On the other hand, he was not very emphatic about the possible improvements. «We appreciate the work of the research community that collaborates with us to resolve and disseminate issues like these responsibly,» he merely said in a statement sent to Wired.

As well warned the The Next Web, when the user downloads an infected or failed app, there is still the possibility to delete it. However, the flaws detected by the research are in OEM applications, those that are installed at the factory in manufacturers’ systems, so-called bloatwares, which often prevent their removal.

THE dnetc contacted all the companies mentioned in the survey. ASUS responded with the note below.

«ASUS is attentive and always seeks to improve the security system on its devices with frequent updates and real-time monitoring of possible threats. Generally, when these surveys are released, the company has already taken all necessary measures and the problems are already in place. correction process. We prioritize the quality and safety of our products, with the latest technology and a team of highly trained professionals who work, in partnership with Google, to prevent and solve this type of problem. »

Samsung also sent a note in response to the information released.

«Samsung takes security very seriously and our products and services are always developed with this in mind. Since we were notified by Kryptowire, we have promptly investigated the applications in question and verified that the appropriate protections are already in place. To ensure the security of on any device, we continue to evaluate the feedback we receive about all of our products and services. »

The other manufacturers did not return until the publication of this article.

How to remove viruses on an Android phone

How to remove viruses on an Android phone