Image result for android malware

Almost every mature human being knows that Android devices are not as protected as its Apple counterpart; being open-sourced ‌Android is quite ineffective on the security and privacy fronts – but this doesn’t mean that smart users have changed their minds.

“Still, there are 2.5 billion active Android devices” – means all are at the verge of cyber threats.

No, and yes – I will debate on this later in this malware-free blog!

Malware and other cyber attacks coming via apps and online can be controlled, but what about the pre-installed malware that comes with the device?

Yes, it’s possible!

Android – being an open-source operating system – provides a way for hackers to send pre-packaged malware with your smart devices .

Preinstalled malware has discovered on more than 7.4 million devices, which had the ability to take over the respective device and download apps in the background while committing ad-frauds; thanks to the researchers working for Google.

The research by the same Google security team also warned  the public about the welcoming dangers, but did that bother any of the Android users?

It’s not a mystery anymore; the number has said otherwise.

Well, big mobile companies like Samsung, LG, and Google’s own Pixel devices, claim that they are safe from these types of threats, but imagine the companies who are giving you utmost convenience at the lowest price and claiming to be the most secure are relying on third party software; to save a few bucks could be vulnerable.

No, you cannot comprehend whether the Android PDA you bought is malware-contaminated or not, attackers offer genuine services, and hide their  malware in the apps which are preinstalled.

Let’s try to find them!

Hidden Threat Of Preinstalled Malware

Maddie Stone (a security researcher of Google) said that hackers take advantage of the supply chain to launch their attack, rather than convincing individual users to download their malware.

Up till now, Google team didn’t mention the name of such brands who give such pre-installed malware to be incorporated in devices; according to the team, more than 200 manufacturers failed their test.

Our psyche and demands for low-priced yet feature-rich phones helped hackers and the malware producing companies to offer vulnerabilities.

There are two major malware campaigns are linked with pre-installed apps over the past three years. These are Chamois and Triada.

Chamois has been involved in various types of fraud. It is known for automatically installing background apps, downloading plugins, and sending text messages to other victims. Triada is the older version of the malware known to download malicious apps and to display fraudulent apps.

Researchers say that these two almost infected every low budget Android device before rolling out in the market.

If you think pre-installed malware is the same as download one, you’re wrong.

Preinstalled vs. downloaded malware

For a normal user, all malware seems the same, only the expert can identify the major difference, that’s why they count the pre-installed ones stronger.

As they are made and fed into the device by mobile makers so none of the antivirus detecting apps can detect it as harmful  until the app is exactly behaving like malware, which is quite rare.

Being already present, they often remain hidden from users’ exposure (no icon0, leaving people unaware that they’re being affecting; it’s more like tricking the phone-makers rather than convincing users to download malware.

Google play can stop the malicious app but can not remove it completely, to protect Android from vulnerabilities. Last year the Android security team did a survey to all of their many mobile clientele to make sure that there is no pre-installed malware package in their devices.

In 2018, Chamois botnet infected over 7.4 million devices. By July the number of devices decreased about 700,000.

Thanks to our lacking intelligence and supply chain complexities for letting the Android malware stronger.

Lack of Vigilance

Many security researchers are not paying attention to the dangers of preinstalled apps; many of them have started finding the possible with the solutions to both malware – those download by their own or those which are downloaded by the mistakenly by users.

Again, pre-installed malware is difficult to get rid of compared to the one downloaded by the user mistakenly.

These types of malware cause great damage to the device and the users’ data; experts are keenly working to reduce the number of Chamois infected devices in the coming years. Pre-installed malware can only be detected by  device manufacturers or Google. However, consumers are still advised to take necessary precautions when downloading apps from the Google Play store.

Supply chain complexity

The issue of supply chain malware has been rumbling away at a low level for some time, but this is the first time from Google when someone drew attention to it; similarly, stopping this problem is also quite tough.


So the piece of advice for the phone users that not to look at low budget phones because this may lead to data theft; prefer reliable companies. Pre-installed malware are the biggest threats to your device and your privacy – this can record all your activities, your screen, and everything that is present in your Android device.