The report claims that the errant vendors include some of the biggest and most reputable global names in the world of technology, including Samsung, Asus and Xiaomi. Interestingly, Lava seems to be the only Indian brand on the list otherwise dominated by Chinese firms. Some of these vendors, however, are predictably pushing back at the allegations, with Samsung issuing a statement to Wired, saying: “we have promptly investigated the apps in question and have determined that appropriate protections are already in place”. Chart Courtesy: KryptoWire Kryptowire, however, disagrees with that assertion, with the company’s VP of product, Tom Karygiannis, saying “The Samsung apps can be used by third-party supply chain actors to gain access to information without disclosing it or requiring permissions”. He further pointed at the security framework of Android itself, saying, “The current design of the Android Security framework does not prevent that from happening today”. Malware on Android continues to remain a huge problem in spite of a multitude of steps taken by Google to eradicate the issue in recent times. The company recently brought together prominent cyber-security firms ESET, Lookout and Zimperium, under an umbrella organization called the App Defense Alliance to stop “bad apps before they reach users’ devices”. However, as the latest study seems to show, there’s a long way to go before the platform becomes truly safe.