Kaspersky found that nearly 20% of adware installed in smartphones cannot be uninstalled and antivirus software is ineffective
Of the various types of Android malware circulating, there has been a boom in adware recently. That is, malware that bombards your smartphone with annoying and unwanted advertising. Of the total of these adware as much as 14.8% cannot be removed from the device's memory.
This is what Kaspersky Lab reported, based on data collected by its antivirus software. The reason why malware cannot be deleted is that these viruses manage to install compromised code into the system partition after gaining full access to the device. In some cases the adware is even pre-installed in the firmware, even before the phone ends up in the hands of the buyer. According to Kaspersky, antivirus software cannot remove such adware because Android does not grant them enough privileges to access the system partition (as viruses do).
Why can't adware be removed
Kaspersky has analyzed which adware is most often found in Android devices and found out that the most popular ones are Lezok and Triada, but listed at least a dozen others that pop up frequently. Most of these adware lurk inside "libandroid_runtime", an Android system library that is used by almost all apps for this operating system. This method has been known for years, but since antivirus cannot modify system files, as Android treats them as normal apps, users cannot get rid of this malware.
Adware pre-installed on smartphones
Some smartphones contain adware modules pre-installed by the manufacturers themselves, some of which openly admit to embedding adware in the code on their smartphones. Some manufacturers allow the user to disable adware, while others don't, claiming that distributing adware is part of their business model to reduce the cost of the device for the end user.
The user generally has no choice: if they can't pay for a "clean" device they are forced to buy a cheaper smartphone that, in the end, in daily use turns out to be a pocket-sized billboard. Google is well aware of the problem and seems to tolerate this situation: on the one hand it licenses these manufacturers to install Android and Google Web Services, on the other hand it doesn't allow anti-virus apps to modify the files inside which the factory adware is hiding.