Keeping malware off of your mobile device should be a top priority for anyone who purchases a new smartphone or tablet, but what if the battle against bad actors has been lost before you even open the box? That’s exactly what security firm Check Point says is happening right now, and it just released a report claiming that it detected malware on 36 different Android devices being used by multiple large tech companies.
The devices on which the malicious code was detected are thought to have been compromised at some point between manufacturing and eventual sale to the end user. “The malicious apps were not part of the official ROM supplied by the vendor,” Check Point’s Mobile Threat Prevention team explains in a blog post, adding that the malware must have been added “somewhere along the supply chain.”
In Check Point’s investigation, the devices that were shown to have preinstalled malware come from many different manufacturers. They include: Galaxy Note 2, 3, 4, 5, and 8, Asus Zenfone 2, LG G4, Nexus 5 and 5X, and Xiaomi Mi 4i and Redmi.
For better or worse, the malware found to be installed on the devices is fairly well known in mobile security circles and includes Loki, a malicious advertising bot, and Slocker, which uses the Tor network to send data back to its creator while avoiding detection. This is obviously a very serious situation, and it’s certainly not the first time Android devices were found to have security issues right out of the box. Check Point hasn’t revealed what company the devices belonged to, but that might not actually matter in the grand scheme of things, as it appears preinstalled malware is becoming something of a trend on Google’s mobile OS.