On millions of Android phones, malware has been found in apps installed by manufacturers before the sale, CNET reports based on a presentation by a Google security researcher.

Malware in apps that can be downloaded from the Play Store has been a threat to Android users for some time. However, Google’s research team is warning this time about malware in apps installed by smartphone manufacturers.

This concerns budget smartphones that use apps from external parties that contain intentional or unintended malware. Larger producers such as Samsung, LG and Google’s Pixel probably do not use this type of apps.

According to Maddie Stone, Google security researcher, pre-installed malware is a major threat because antivirus programs do not detect them. The malware is also more difficult to remove; the apps cannot be deleted unless the producer sends out a security update.

Stone investigated various pre-installed apps that contain malware. These apps were used by around 225 telephone products, affecting millions of users. The malware made it possible to take over Android phones and install apps unnoticed remotely.