Malware on our smartphones aren’t new, although for the most part, this can be easily avoided by not downloading from suspicious-looking websites or unofficial sources. However, it seems that being smart about your downloads isn’t good enough because Google has recently confirmed that there have been some Android devices that have actually come preinstalled with malware.
For those who are unfamiliar with what has been going on, earlier this year, there was a Trojan malware called Triada that was discovered on a bunch of budget Android handsets. This confirmation by Google basically acknowledges that some Android handsets were indeed compromised by this malware as part of a supply chain attack.
This means that right out of the door, these Android handsets were compromised well before they reached the hands of their customers, where with every subsequent use of the phone and its apps, it could have allowed hackers access to the phone’s contents and data and would also allow hackers to remotely execute code on the device.
Google has since confirmed that they have worked with the OEMs of these devices and through OTA updates, have removed the infections and closed the backdoor. However, exactly how much damage might have been done as a result of the malware is unclear.