Security researchers have identified 25 Android phones that come with vulnerabilities pre-installed, leaving them liable to be hacked.
Researchers from Kryptowire found a staggering 38 different weaknesses that come right out of the box on phones made by big names like Sony, LG, Essential, Asus and ZTE.
“All of these vulnerabilities are prepositioned,” Angelos Stavrou, Kryptowire CEO, said at the Defcon hacker conference recently, where the researchers revealed their findings.
“They come as you get the phone out of the box. That’s important, because consumers think they’re only exposed if they download something that’s bad.”
The biggest phone to feature? The LG G6. One vulnerability could lock the user out, even in safe mode.
This would force a factory reset, causing the user to lose all the data stored on the phone.
But it wasn’t the only one at fault. A pre-installed Essential Phone app could allow any other apps to wipe the phone’s data, while the Sony Xperia L1 and Nokia 6 could let hackers take screenshots.
Thankfully, fixes have already been released or are being worked on as we speak. Still, it’s more than a little worrying.