Google Warns of Growing Android Attack Vector: Backdoored SDKs and Pre-Installed Apps

[silversurfer]

Google is reporting an uptick in efforts by bad actors to plant potentially harmful applications (PHAs) on Android devices via pre-installed apps and by bundling them with system updates delivered over the air.
 
The technique is especially troubling, Google said, because PHAs are often malicious and users have no control over what comes pre-installed on their phone and what is downloaded via a system update.
 
“Malicious actors increased their efforts to embed PHAs into the supply chain using two main entry points: new devices sold with pre-installed PHAs and over the air (OTA) updates that bundle legitimate system updates with PHAs,” wrote Google in its Android Security and Privacy Year in Review 2018, released on Friday.

SOURCE: https://threatpost.com/google-warns-of-g...ps/143332/

[Deep900]

That is a serious problem, especially for the fact they could be installed with system updates (which are fundamental also for new critical security updates, patches and fixes). In some cases preinstalled applications can be disabled with phone settings.