Google highlights the significance of Play Services For Android security

Main Image
  • Like
  • Comment
  • Share

Google highlights the significance of Play Services against Triada trojan and other threats in a blog post published recently. Triada is a family of trojans that had infected some Android phones a few years back. Kaspersky Labs, who discovered it in 2016 called it, “one of the most advanced mobile Trojans”. Next year, Dr. Web reported few affected devices namely “Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20.”

ALSO READ: Delhi High Court Orders Asus To Stop Selling Zenfones In India For Now

How Triada managed to creep in?

Google Triada

Some device manufacturers who lack the necessary resources for the entire end-to-end software development delegate the task to third-party vendors. These parties may tinker with the base software and customize it with additional features. The problem arose when the miscreants managed to embed the trojan right into the system libraries. The OEMs unaware of the same packed it within their phones.

Google Triada
Source: Google

Now, Triada was a system module that had all the admin privileges to tamper with any app in the device. It could exploit the core of the Android OS- Zygote Process, which handles the initiation of each new application process.

Triada apps managed to copy the package names of Google Play apps. The attackers used it as a backdoor to secretly install additional modules and scripts, push ads like adware. They could even siphon out important bank credentials and private data.

Worse, Triada couldn’t be deleted simply like any user application. To eliminate the threat, the entire ROM had to be reflashed. So, you get the gist of the gravity.

Ok, Google: Are our devices safe?

Google Triada

Google acknowledged the Dr. Web report on Thursday, although the manufacturer names were swept under the rug. The case study alleges the chance of multiple culprits on the vendor side.

Lukasz Siewierski, a member of Google’s Android Security & Privacy Team, wrote:

Triada infects device system images through a third party during the production process. Sometimes OEMs want to include features that aren’t part of the Android Open Source Project, such as face unlock. The OEM might partner with a third party that can develop the desired feature and send the whole system image to that vendor for development. Based on the analysis, we believe that a vendor using the name Yehuo or Blazefire infected the returned system image with Triada.

The silicon valley giant has patched the aforementioned security issues. Google has helped the manufacturers to remove the malicious app from the firmware image. It puts the emphasis on Google Play Protect also that allowed the company to remotely disinfect compromised phones.

Mike Cramp, the senior security researcher at mobile security provider Zimperium, agreed with the assessments that Triada’s capabilities were advanced.

“From the looks of it, Triada seems to be a relatively advanced piece of malware including C&C capabilities, and in the beginning, shell execution capabilities,” Cramp wrote in an email. “We do see a lot of adware, but Triada is different in that it uses C&C and other techniques that we would usually see more in the malicious malware side of things. Yes, this is all used to ultimately deliver ads, but the way they go about it is more sophisticated than most adware campaigns. It pretty much is an ‘adware on steroids.”

Google admits that it’s an arduous task to secure Android devices due to the involvement of OEMs, especially in cases involving third-party vendors. However, as a precautionary measure, it offers a “Build Test Suite” to scan malware like Triada to help alleviate security risks.

ALSO READ: LG W Series Phone will employ 12nm chipset and 4000mAh battery: Key Specs and Price Leak

The company stresses the significance of Google Play Services in the safety and security of our data. Play Protect which is part of it, frequently scans for threats. This could prove a valid argument and an effective armor during its ongoing strife with the EU.

Vasan G.S.Vasan G.S.
An inquisitive mind who spends a big chunk of the day keenly tracking every emerging detail and is responsible for quickly passing on important developments to Smartprix followers. He loves to stay in his bubble scripting his destiny involving amazing technology and people with good character, passion, and brilliance.

Related Articles

ImageSamsung Galaxy Ring moves closer to launch: Spotted in a widget application

2024 is turning out to be a year of tech innovations and Samsung is joining the trend with wearable Samsung Galaxy Ring that will launch soon. The Samsung Galaxy Ring was first shown off during the Samsung Galaxy S24 Series launch in January and the launch date was claimed to be the second half of …

ImageHow to use Google’s Find My Device feature to locate your lost Android phone

Smartphones are an integral part of everyone’s life today and it brings a sudden trauma when your hands don’t find the phone in your pocket. Also, there are several occasions when you accidentally forget your phone on the office desk, cab, or at a shop counter. But if you are an Android owner, you can …

ImageGoogle’s all set to drop Android 12 GO Edition for long battery life & faster app launching

Google has announced an Android 12 Go Edition for entry-level based Android smartphones. In a blog post shared by the company, they have highlighted the key features of this new edition OS. It is said to provide a faster, cheaper, and more privacy-friendly experience to the users and will be available for the users next …

ImageGoogle Bard Is Now Gemini, Android App Now Available On Play Store

In a rather surprising development, Google has renamed its AI chatbot Bard. From now on, the chatbot will be called Gemini. Hence, the users who search for Bard on Google Search will now end up on “Gemini.Google.com.” Along with this, the Alphabet-owned company has also launched Gemini Advanced, the AI chatbot based on the most …

ImageAndroid 14 QPR3 Beta 2 rolls out for Pixel 5a & above but we cautious when sideloading

We were wrapping our heads around Google’s Pixel Feature Drop which arrived this Monday with a slew of features. However, it seems like Google wants us to keep playing with our devices and released a new QRP beta. Dubbed the Android 14 QPR3 Beta2, the update is live across Google Pixel 5a and above and …

Discuss

Be the first to leave a comment.

Related Products