Google sold Android phones with a big security risk

Google's Pixel phones have an app that's vulnerable to hackers, a mobile security firm found

We may earn a commission from links on this page.
The Google Pixel 9, Pixel 9 Pro and Pixel 9 Pro XL phones.
The Google Pixel 9, Pixel 9 Pro and Pixel 9 Pro XL phones.
Photo: Justin Sullivan (Getty Images)
In This Story

Google’s (GOOGL) Pixel smartphones ship with a risky application that leaves them vulnerable to hackers, mobile security firm iVerify has found.

The third-party app has reportedly been embedded in Pixel phones for years. According to iVerify, the app has a vulnerability that “leaves millions of Android Pixel devices susceptible” to hackers, “giving cybercriminals the ability to inject malicious code and dangerous spyware.” A Google (GOOGL) spokesperson told WIRED that the company will work to remove the software in the coming weeks.

Advertisement

The spokesperson told The Washington Post that “[e]xploitation of this application on a user phone requires both physical access to the device and the user’s password.”

Advertisement

The security issue with Google’s Pixel phones has prompted AI giant Palantir (PLTR) to stop issuing them to its employees, the Post reports.

Advertisement

“Mobile security is a very real concern for us, given where we’re operating and who we’re serving,” Palantir’s (PLTR) Chief Information Security Officer, Dane Stuckey, told The Post. “This was very deleterious of trust, to have third-party, unvetted insecure software on it. We have no idea how it got there, so we made the decision to effectively ban Androids internally.”

iVerify said that the issue “highlight[s] the need for more transparency and discussion around having third-party apps running as part of the operating system” in tech firms’ products. “It also demonstrates the need for quality assurance and penetration testing to ensure the safety of third-party apps installed on millions of devices.”