Google LLC has now admitted that some Android phones, going back as far as 2016, were shipped with malware installed unknowingly by smartphone manufacturers. However, it has not officially disclose which smartphone models were infected.
The malware called ‘Triada’ was detected three years ago by Google in a bid to protect Android smartphones from it. Over time, it became harder to detect as it grew stronger. ‘Triada’ is a trojan virus that hackers use to get backdoor access to an infected device. This function was found in a virus, last detected in 2017, and it could install modules in a place within Android, something that went unnoticed by many smartphone manufacturers at the initial stage.
Smartphones infected with malware are no hot news. There have been many instances when hackers have targeted smartphone makers and malicious software has been downloaded in the past. Never have the manufacturers been tricked into installing the malware with such subtlety, versus hacking smartphones overtly or breaking into plants.
So how did the hackers get access? They pretended to be a legitimate third-party software suppliers that could tag along with a standard Android Open Source Project installation. This is the free version of Android that does not require any licensing, for example, the face unlock program. A method as slyly technical and sophisticated like this, is a clever way to get a malware onto a phone, given that many smartphone manufacturers lack the resources to build all the features they want to use in-house. Hence, they depend on third-party vendors to build and supply them, becoming a vector of attack.
The complex functionalities of Android ROMs disable even big companies to build their ROMs that does not include some part of third-party code. In order to counter this inefficiency, Google says that it offers Original Equipment Manufacturers (OEMs) a ‘Build Test Suite’, a means on the manufacturing level that can scan for malware like Triada to help protect smartphones against such risks.