Google Pixel security risk leaves millions vulnerable to hackers

from Google (GOOGL) Pixel smartphones come with a risky app that makes them vulnerable to hackersfound mobile security firm iVerify.

Looks like the third party app did it it’s been built into Pixel phones for years. According to iVerify, the app has a vulnerability that “leaves millions of Android Pixel devices susceptible” to hackers, “giving cybercriminals the ability to inject malicious code and dangerous spyware.” A Google (GOOGL) spokesperson told WIRED that the company will work to remove the software in the coming weeks.

The spokesperson told The Washington Post that “(e)ploiting this app on a user’s phone requires both physical access to the device and the user’s password.”

The security issue with Google’s Pixel phones prompted AI giant Palantir (PLTR) to stop issuing them to its employees, the Post reports.

“Mobile security is a very real concern for us, given where we operate and who we serve,” says Palantir. (PLTR) Chief Information Security Officer Dane Stuckey told The Post. “This was very damaging to trust, to have unsecured third-party software, unchecked. We have no idea how it got there, so we’ve made the decision to effectively ban Androids indoors.”

iVerify said the issue “highlights the need for more transparency and discussion about running third-party apps as part of the operating system” in tech firms’ products. “It also demonstrates the need for quality assurance and penetration testing to ensure the safety of third-party apps installed on millions of devices.”