A new report from CheckPoint has discovered that buying a new Android smartphone doesn’t guarantee that it is clean. Many of the biggest names and models come preinstalled with potentially dangerous malware:
The Check Point Mobile Threat Prevention has recently detected a severe infection in 38 Android devices, belonging to a large telecommunications company and a multinational technology company. While this is not unusual, one detail of the attacks stands out. In all instances, the malware was not downloaded to the device as a result of the users’ use, it arrived with it.
According to the findings, the malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain. Six of the malware instances were added by a malicious actor to the device’s ROM using system privileges, meaning they couldn’t be removed by the user and the device had to be re-flashed.
Now let me be clear. Since they were added after manufacture, the vendors of the smartphones aren’t to blame. But this should concern you as it means that you cannot trust the security of these devices right out of the box.
Now it is possible for you to re-flash the device the second you get it to avoid this issue. And if you’re really paranoid, you could go to the extreme of rooting the device and installing Android from scratch. But why should you have to do either? Should you not have a reasonable expectation to take a device out of the box? Clearly that’s not the case and perhaps you will need to do one of the above if you want to be as secure as possible.