Google highlights the significance of Play Services For Android security

Main Image
  • Like
  • Comment
  • Share

Google highlights the significance of Play Services against Triada trojan and other threats in a blog post published recently. Triada is a family of trojans that had infected some Android phones a few years back. Kaspersky Labs, who discovered it in 2016 called it, “one of the most advanced mobile Trojans”. Next year, Dr. Web reported few affected devices namely “Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20.”

ALSO READ: Delhi High Court Orders Asus To Stop Selling Zenfones In India For Now

How Triada managed to creep in?

Google Triada

Some device manufacturers who lack the necessary resources for the entire end-to-end software development delegate the task to third-party vendors. These parties may tinker with the base software and customize it with additional features. The problem arose when the miscreants managed to embed the trojan right into the system libraries. The OEMs unaware of the same packed it within their phones.

Google Triada
Source: Google

Now, Triada was a system module that had all the admin privileges to tamper with any app in the device. It could exploit the core of the Android OS- Zygote Process, which handles the initiation of each new application process.

Triada apps managed to copy the package names of Google Play apps. The attackers used it as a backdoor to secretly install additional modules and scripts, push ads like adware. They could even siphon out important bank credentials and private data.

Worse, Triada couldn’t be deleted simply like any user application. To eliminate the threat, the entire ROM had to be reflashed. So, you get the gist of the gravity.

Ok, Google: Are our devices safe?

Google Triada

Google acknowledged the Dr. Web report on Thursday, although the manufacturer names were swept under the rug. The case study alleges the chance of multiple culprits on the vendor side.

Lukasz Siewierski, a member of Google’s Android Security & Privacy Team, wrote:

Triada infects device system images through a third party during the production process. Sometimes OEMs want to include features that aren’t part of the Android Open Source Project, such as face unlock. The OEM might partner with a third party that can develop the desired feature and send the whole system image to that vendor for development. Based on the analysis, we believe that a vendor using the name Yehuo or Blazefire infected the returned system image with Triada.

The silicon valley giant has patched the aforementioned security issues. Google has helped the manufacturers to remove the malicious app from the firmware image. It puts the emphasis on Google Play Protect also that allowed the company to remotely disinfect compromised phones.

Mike Cramp, the senior security researcher at mobile security provider Zimperium, agreed with the assessments that Triada’s capabilities were advanced.

“From the looks of it, Triada seems to be a relatively advanced piece of malware including C&C capabilities, and in the beginning, shell execution capabilities,” Cramp wrote in an email. “We do see a lot of adware, but Triada is different in that it uses C&C and other techniques that we would usually see more in the malicious malware side of things. Yes, this is all used to ultimately deliver ads, but the way they go about it is more sophisticated than most adware campaigns. It pretty much is an ‘adware on steroids.”

Google admits that it’s an arduous task to secure Android devices due to the involvement of OEMs, especially in cases involving third-party vendors. However, as a precautionary measure, it offers a “Build Test Suite” to scan malware like Triada to help alleviate security risks.

ALSO READ: LG W Series Phone will employ 12nm chipset and 4000mAh battery: Key Specs and Price Leak

The company stresses the significance of Google Play Services in the safety and security of our data. Play Protect which is part of it, frequently scans for threats. This could prove a valid argument and an effective armor during its ongoing strife with the EU.

Vasan G.S.Vasan G.S.
An inquisitive mind who spends a big chunk of the day keenly tracking every emerging detail and is responsible for quickly passing on important developments to Smartprix followers. He loves to stay in his bubble scripting his destiny involving amazing technology and people with good character, passion, and brilliance.

Related Articles

ImageExclusive: Moto Razr 50 Lineup Debuts in July

The Lenovo-owned smartphone brand Moto is gearing up to release the yearly update to its Razr series. Last year, the company released the Razr 40 (review) and the Razr 40 Ultra. In 2024, the brand will update its foldable lineup with the Razr 50 and the Razr 50 Ultra, two foldables that could compete with …

ImageHow to use Google’s Find My Device feature to locate your lost Android phone

Smartphones are an integral part of everyone’s life today and it brings a sudden trauma when your hands don’t find the phone in your pocket. Also, there are several occasions when you accidentally forget your phone on the office desk, cab, or at a shop counter. But if you are an Android owner, you can …

ImageGoogle’s all set to drop Android 12 GO Edition for long battery life & faster app launching

Google has announced an Android 12 Go Edition for entry-level based Android smartphones. In a blog post shared by the company, they have highlighted the key features of this new edition OS. It is said to provide a faster, cheaper, and more privacy-friendly experience to the users and will be available for the users next …

ImageGoogle I/0 2024: AI-Powered Scam Call Detection Arrives on Android Phones This Year

At the I/O developer conference on Tuesday, Google announced that it is working on implementing advanced security measures to protect Android users from telephone scams. Google is testing a new call monitoring feature that will alert users of potential fraudulent activity during calls and prompt them to end the communication. The new feature, powered by …

ImageGoogle Wallet App Roundup: Features, How to Use, Difference from Google Pay & More

Google Wallet App has finally gone official in India. It is a digital wallet app by Google that allows users to store their confidential information like Loyalty cards, transit passes, IDs, and more in one place. The app is now available to download via Google Play Store for all Android devices. With the launch of …


Be the first to leave a comment.