Cybersecurity company Avast has confirmed that they incorrectly flagged the Google Android app as a potential malware on Huawei, Vivo and Honor smartphones.
Users of the affected devices were alerted to uninstall the Google app due to concerns that it might secretly send SMS messages, download and install third-party apps, or steal sensitive information.
Some other users witnessed a different alert warning them that the Google app was a trojan capable of providing remote access to their devices, potentially allowing attackers to install malware and steal their data.
Users initially reported this false positive problem on various platforms, including Google’s support forum, Reddit, Huawei’s forum, and other Android communities.
Notably, Google Play Protect, the tech giant’s built-in security feature, did not trigger the alert. Google clarified that the issue appeared to stem from devices that were not Play Protect certified, suggesting users contact their device manufacturers for further guidance.
“This security notification was not triggered by Google Play Protect and appears to be from a device that is not Play Protect certified and does not have access to download Google’s core apps from Play officially,” a Google spokesperson told BleepingComputer.
Avast confirmed that the erroneous malware alerts were caused by their Android antivirus Software Development Kit (SDK), which incorrectly identified the Google Quick Search Box app launcher as malware. While the company mentioned that Huawei’s Optimiser app displayed the alerts on Huawei devices, it did not provide specific information about the affected Honor and Vivo devices.
Avast reported that they were made aware of the issue on October 29th and resolved it by October 30th. The problem seemed to affect users outside of China.
“The issue affected Huawei customers outside of China and a small number of Honor and Vivo customers. A fix was implemented on October 30th, which fully resolved the issue,” Avast confirmed in a blog post.