Researchers Discover Leaks In Pre-Installed Android Apps [News]

Matt Smith 03-12-2011

android virus sickYou may have heard about a recent surge in Android malware Malware on Android: The 5 Types You Really Need to Know About Malware can affect mobile as well as desktop devices. But don't be afraid: a bit of knowledge and the right precautions can protect you from threats like ransomware and sextortion scams. Read More . Still, that malware comes in the form of apps. So long as you watch your permissions, you’re fine. Right?


Wrong. Every Android phone comes with some pre-installed apps, and some more than others. A group of researchers at North Carolina State University were interested to know if these apps, which often can’t be uninstalled by the user, contain security flaws. Eight phones were tested including three from HTC (Legend, EVO 4G, Wildfire S), two from Motorola (Droid and Droid X), the Samsung Epic 4G and Google’s Nexus One/S.

Researchers Discover Leaks In Pre-Installed Android Apps [News] androidsecurityflaw

All of the phones were found to have security issues due to pre-installed apps. The most serious of these flaws are capability leaks that allow third-party apps to exploit an interface or service in use by another app without making a permission request of its own. Researchers found it would be possible for malware to wipe out data, send SMS messages Automate SMS Replies & Schedule Messages With Auto SMS [Android 2.1+] Texting has become a common and very popular method of communicating with friends. Shooting off a quick text is much quicker and easier than calling, and it’s possible to text while distracted by other tasks.... Read More , and obtain geo-location data by exploiting pre-installed apps.

What can you do to protect yourself from this threat? The researchers don’t provide any help there, though to their credit, they did contact the companies whose phones they exploited in an attempt to provide them with information.

Since these pre-installed apps often can’t be uninstalled by default, the only complete solution is to root your phone How To Root Your Android Phone With SuperOneClick Read More and install a custom ROM. However, as the researchers note in their paper, there is no reason why third-party apps could not contain the same flaws they found in the pre-installed apps they researched.


If you’d like the full story, the paper is currently public. Just be warned – it’s not written for the layman.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. timmyjohnboy
    December 9, 2011 at 10:09 pm

    It's sad you have to do something that technically voids your warranty in order to get rid of this crap.

    • Aibek
      December 19, 2011 at 1:40 pm

      second that

  2. Peter Yagmin
    December 3, 2011 at 12:31 pm

    I wouldn't say installing a custom ROM is the ONLY way. If you root your device, you can easily use something like Titanium Backup to freeze or remove bloatware. I do however become concerned with ANY app that requests unnecessary permissions. 

    To touch on the other point of Android malware - that's been completely overblown. You can read my thoughts about that at