A new Android malware from Google
The article reports a purported Android malware called Android Developer Verifier (ADV) that allegedly infects devices running Android 8 or higher. It claims the malware is distributed via Google’s Play Protect service and grants Google extensive control over app distribution. The piece critiques Google’s developer verification program and suggests alternative security measures.
- ▪The ADV trojan is said to have infected up to 4 billion Android handsets and tablets worldwide, representing roughly half of all users.
- ▪It disguises itself as a system service with full root privileges and cannot be blocked, disabled, or removed.
- ▪According to the article, Play Protect is both the vector for installing ADV and the mechanism through which Google propagates it.
- ▪The author argues that Google is using the threat to enforce a mandatory developer registration system that requires fees, personal data, and gives Google unilateral authority to define "malware".
Opening excerpt (first ~120 words) tap to expand
What We Talk About When We Talk About Malware Posted on Jul 01, 2026 by marcprux If you are running Android 8 or higher, a virus has been installed on your device and is silently awaiting remote activation. Over the past few months, devices around the world have been infected with this novel strain, with as many as 4 billion Android handsets and tablets estimated to have already been contaminated, meaning that around half of all humanity may be at risk from this threat. Disguising itself as the innocuously-titled “Android Developer Verifier” (ADV) process, this trojan horse runs surreptitiously in the background as a system service with full root privileges, quietly awaiting an activation signal. The service cannot be blocked, disabled, or removed.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at F-droid.