Alphabet Inc (GOOGL) Android Smartphones Found With Pre-Installed Malware

Advertisement

Malware made the leap from PCs to smartphones along with users. It’s always been known that devices running Alphabet Inc’s (NASDAQ:GOOGL) Android operating system are much more susceptible to being infected than Apple Inc. (NASDAQ:AAPL) iPhones. However, the situation may be even worse than we realized.

Alphabet Inc (GOOGL) Android Smartphones Found With Pre-Installed Malware

Source: Check Point Software Technologies

A mobile security research team posted on Friday that it scanned devices owned by two large companies and found Android malware pre-installed on smartphones from 38 different manufacturers.

That discovery should concern both corporate IT departments, and consumers. And it once again validates Apple’s “controlling” iPhone approach.

Android Malware Illustrates the Downside of Google’s Approach

From the launch of the first iPhone in 2007, Apple retained full control of its iOS operating system and installed it only on its own hardware. Apps can only be downloaded from the App Store and these are checked and vetted by Apple engineers.

With limited hardware configurations, Apple is able to test iOS thoroughly for all iPhone users. The company is aggressive about pushing out new iOS versions (79% of all iPhones are running iOS 10), and in the event of a security issue, it’s able to quickly push out system updates to address it.

With Android, GOOGL took a very different approach from Apple. It went wide open, licensing Android to dozens of different smartphone manufacturers. Users are free to tinker with the operating system and they can download apps from virtually anywhere — not just Google Play. This open approach helped Google to dominate the smartphone industry, with nine out of 10 new smartphones running Android.

But the approach makes smartphone security a nightmare.

Android updates often require manufacturer and/or carrier cooperation. As a result, only 2% of Android devices are running the latest version of Android, while the majority are running software that’s at least several years out of date.

Freedom to install questionable apps plus an older version of the operating system has let Android malware run rampant. At one point it was estimated to account for 97% of all mobile malware.

Check Point’s Pre-Installed Android Malware Discovery

Check Point Software Technologies Ltd. (NASDAQ:CHKP), an IT security company, reported in a Friday blog post that it had scanned the smartphones for two large companies (identified only as “large telecommunications company” and a “multinational technology company”) and discovered Android malware had been pre-installed on smartphones from 38 different hardware manufacturers.

Android malware identified ranged from adware to mobile ransomware capable of encrypting all data on the device until a fee is paid to unlock it. Some had been added to the smartphone ROM, meaning reinstalling Android would not remove it. And none of this malware was downloaded by users. The smartphones arrived at the two companies pre-infected, with installation happening “somewhere along the supply chain.”

Some of the most popular Android smartphones from 38 different manufacturers were infected, including Samsung Electronics Co Ltd’s (OTCMKTS:SSNLF) best-selling Galaxy S7. Also caught in the sweep was the Nexus 5 — an LG smartphone co-developed with Google.

The Nexus 5 is several years old, but the Android malware discovered on it had been there since the time of delivery.

If a smartphone released in cooperation with Google itself is not immune from being infected before it even reaches the user, then Android’s smartphone security issue is even bigger than previously thought.

Apple’s Long-Term Advantage

This isn’t the first time Android malware has made headlines. Last November, Check Point discovered a widespread infection of Android smartphones with HummingBad. This Chinese malware was found to have infected over 10 million Android smartphones worldwide.

And of course, there was the infamous WikiLeaks CIA dump last week that shone a light on smartphone security and the tools used by government agencies to bypass it. Several dozen Android vulnerabilities were revealed, along with 14 iOS exploits.

The difference is, Apple had addressed most of the iPhone issues in iOS 10, which has widespread adoption. Google may have patched Android, but chances are most Android smartphones out there won’t get the update and will remain vulnerable. This latest Android malware discovery shows that the weakness to GOOGL’s approach extends all the way to the supply chain. Even the most trusted manufacturers are not immune to having their smartphones compromised before the consumer even gets their hands on them.

Google’s wide-open Android approach has let it build a commanding 90% smartphone marketshare. But with Android malware increasingly in the spotlight and no easy solution in sight, the stage is set for Apple to press its advantage over GOOGL’s approach.

Apple built its iPhone empire around premium design, ease of use and plentiful apps. But its advantage in smartphone security may turn out to be the factor that lets it eat into Google’s Android lead in the long term.

As of this writing, Brad Moon did not hold a position in any of the aforementioned securities.

Brad Moon has been writing for InvestorPlace.com since 2012. He also writes about stocks for Kiplinger and has been a senior contributor focusing on consumer technology for Forbes since 2015.


Article printed from InvestorPlace Media, https://investorplace.com/2017/03/alphabet-inc-googl-android-smartphones-found-preinstalled-malware/.

©2024 InvestorPlace Media, LLC