Overall, Android devices have earned a decidedly mixed reputation for security. While the OS itself and Google’s Pixels have stood up over the years against software exploits, the never-ending flow of malicious apps in Google Play and vulnerable devices from some third-party manufacturers have tarnished its image.
On Thursday, that image was further tarnished after two reports said that multiple lines of Android devices came with preinstalled malware and couldn’t be removed without users taking heroic measures.
The first report came from security firm Trend Micro. Researchers following up on a presentation delivered at the Black Hat security conference in Singapore reported that as many any 8.9 million phones and comprising as many as 50 different brands were infected with malware. First documented by researchers from security firm Sophos, Guerrilla, as they named the malware, was found in 15 malicious apps that Google allowed into its Play market.