Some apps that come pre-installed on Android phones can have up to 146 glitches, according to a report released last Friday (15) by Kryptowire, a digital security company. The problem is even more serious when the vulnerability is found to be present on devices from 29 different companies. The research was sponsored by the US Department of Homeland Security.
Among the main flaws found are installation of apps without user authorization, audio recording without the phone owner knowing, change in system settings, among other less or more serious bugs. As highlighted by the publication of WiredThe largest volume of manufacturers are small and focus on Asia, but there are also giants such as Asus, Sony, Samsung and Xiaomi.
Android malware apps have been installed 335 million times
In all, 146 flaws were found in pre-installed apps. Photo: Playback / Kryptowire
Want to buy a cell phone, TV and other discounted products? Meet the Compare TechTudo
The companies cited in the survey were soon notified as soon as the study was completed. Samsung, for example, has downplayed the problem and stated by way of an official note that Android Security does the job of protecting the user in these cases.
magazine WiredTom Karygiannis, vice president of products at Kryptowire countered: "Samsung applications can be used by third parties in the supply chain to gain access to information without disclosing or requiring permission. The current design of the Android Security framework does not prevent that this happens today ".
List of most affected manufacturers Photo: Reproduction / Kriptowire
In 2018, Google launched a tool called Build Test Suite, which is responsible for just finding and finding this kind of flaw. On the other hand, it was not very emphatic about the possible improvements. "We appreciate the work of the research community that collaborates with us to resolve and responsibly disclose issues such as these," he said in a statement. Wired.
As well warned the The Next Web, when the user downloads an infected or failed app, there is still a possibility to delete it. However, the flaws detected by the survey are in OEM applications, those that are factory installed on manufacturers' systems, so-called bloatwares, which often prevent their removal.
O TechTudo contacted all the companies mentioned in the survey. ASUS responded with the note below.
"ASUS is attentive and always seeks to improve the security system on its devices with frequent updates and real-time monitoring of potential threats. Generally, by the time these surveys are released, the company has already taken all necessary measures and the problems are already in place. We prioritize the quality and safety of our products with state-of-the-art technology and a team of highly-skilled professionals working in partnership with Google to prevent and solve these problems. "
Samsung also sent a note in response to the information released.
"Samsung takes security very seriously and our products and services are always developed with this in mind. Since we were notified by Kryptowire, we have promptly investigated the applications in question and found that the appropriate protections are already in place. To ensure the security of any device, we continue to evaluate the feedback we receive about all our products and services. "
The other manufacturers did not return until the publication of this issue.
How to Remove Virus on an Android Phone