A number of Chinese-built smartphones are displaying a strange warning message claiming that the Google Android app is malicious and should be removed immediately.
Reports claim that some Huawei, Honor and Vivo smartphones and tablets are all showing a ‘Security Threat’ warning, detecting the Google app as ‘TrojanSMS-PA’.
The details for the alert indicate that the app secretly sends text messages and can cause material harm to the user: “This app was detected sending private text messages, enticing users to pay with adult content, apps private downloads/installs or steals private information. , which may cause property damage and privacy leaks,” the warning reads. “We recommend removing it immediately.”
Huawei Optimizer is to blame
To complicate matters further, the warnings appeared on devices built before the Chinese ban, so the app was preloaded on the phones and tablets and not sideloaded.
In a statement issued to BleepingComputerGoogle said that the warning was not caused by the Play Protect feature and that users should discuss this with whoever built the devices (i.e. Huawei, Vivo and others).
“This security alert was not triggered by Google Play Protect and appears to be from a device that is not Play Protect certified and does not have access to officially download Google’s core apps from Play. We recommend contacting the manufacturer of the device for more information,” the company spokesperson said.
“Google Play is the only app store where you can officially download Google’s core apps for Android. All Google apps undergo the same rigorous testing as all other apps on Google Play. These tests are designed to ensure that apps are safe and meet Google’s quality standards.”
Further analysis showed that the warning was issued by “Huawei Optimizer”, an app native to Huawei phones. It is still unclear why other devices show the same warning. The Chinese manufacturers do not yet want to respond to the news. At this point, the general consensus is that the warning is a false positive and that unless users are sideloading the Google app from unverified sources, they can safely ignore it.