The findings have raised further alarm bells in technology community, following WikiLeaks' recent Vault 7 data dump
(Justin Sullivan/Getty Images)
Sign up to our free weekly IndyTech newsletter delivered straight to your inbox
Sign up to our free IndyTech newsletter
Over 30 different Android smartphones and tablets have been found to have had malware preinstalled on them before users even switched them on, according to a cyber security firm.
Check Point detected a “severe infection” on 38 handsets being used by two of its corporate clients, a telecommunications firm and a multinational technology company that have not been named.
The issue affects smartphones from a number of big-name brands, including Samsung, LG and Google. Those named by Check Point are:
Samsung Galaxy Note 2
LG G4
Samsung Galaxy S7
Samsung Galaxy S4
Samsung Galaxy Note 4
Samsung Galaxy Note 5
Samsung Galaxy Note 8.0
Xiaomi Mi 4i
Galaxy A5
ZTE x500
Samsung Galaxy Note 3
Samsung Galaxy Note Edge
Samsung Galaxy Tab S2
Samsung Galaxy Tab 2
Oppo N3
Vivo X6 plus
Nexus 5
Nexus 5X
Asus Zenfone 2
Lenovo S90
Oppo R7 plus
Xiaomi Redmi
Lenovo A850
It must be made clear, however, that not all models of the devices named above are affected.
“According to the findings, the malware were already present on the devices even before the users received them,” reads the Check Point blog post announcing the discovery.
Gadget and tech news: In pictures
Show all 25
“The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain.”
Most of the malware discovered by Check Point were info-stealers, but one of the phones had been pre-loaded with ransomware called Slocker.
Ransomware allows a hackers to lock a user out of their device, only restoring proper functionality in exchange for money.
“Pre-installed malware compromise the security even of the most careful users,” continues the report. “In addition, a user who receives a device already containing malware will not be able to notice any change in the device’s activity which often occur once a malware is installed.”
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies