- Android phones are by and large the most widely used smartphones on the planet, compared to rival iOS devices.
- However, a string of reports has surfaced in recent months identifying all sorts of security issues in Android smartphones, including the presence of sketchy and malicious apps hiding in the Google Play Store.
- A new report from Kaspersky identified an even more scary security issue — the possibility that undeletable sketchy files and apps may be hiding in some Android devices.
Between all the security issues we keep having to report on — like this new batch Android apps caught stealing peoples’ Facebook login credentials, the relative ease and regularity with which dodgy apps seem to sneak into the Google Play Store, and now a new report that some Android devices may be hiding sketchy apps and files that are undeletable — I’ll probably never buy an Android device.
That latest bit of news we mentioned comes from the Moscow-based cybersecurity company Kaspersky, which found that almost 15% of devices with identified malware over the past 12 months had their system partitions infected. “Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources,” the Kaspersky report notes. In some cases, the report goes on, “the adware plants itself in the system partition, and trying to get rid of it can lead to device failure. In addition, ads can be embedded in undeletable system apps and libraries at the code level.”
The reason for these security researchers’ assessment that undeletable adware has been loaded onto a device includes the following — in one scenario, code for displaying ads (or its loader) gets inserted into the firmware of a device long before that device ends up in a consumer’s hands. Two, the malware has gained root access on the device and installed itself in the system partition.
In terms of the kinds of malware that we’re actually talking about here, this report flags the Lezok and Triada Trojans as being among the most common type installed in the smartphones’ system partition. The ad code for those Trojans can be found embedded directly in “libandroid_runtime,” which is a library used by almost all of the phone’s apps.
Others include “Trojan-Dropper.AndroidOS.Agent.pe,” a Trojan utility usually found hiding either in the handle that control’s the device’s graphical interface or in the Settings utility.
“The examples in our investigation show that the focus of some mobile device suppliers is on maximizing profits through all kinds of advertising tools, even if those tools cause inconvenience to the device owners,” the Kaspersky researchers write. “If advertising networks are ready to pay for views, clicks, and installations regardless of their source, it makes sense to embed ad modules into devices to increase the profit from each device sold.
Unfortunately, if a user purchases a device with such pre-installed advertising, it is often impossible to remove it without risking damage to the system.”
This marks yet another black eye for Android users to be aware of, following others we’ve reported on in recent months. Like the nearly 600 apps Google had to ban from the Play Store earlier this year for violating the company’s “disruptive ads policy.” Apps, we should add, that garnered more than 4.5 billion installs before Google took action.
