Keeping your phone safe from bad apps is hard enough.
But now research has discovered that some phones came with security issues pre-installed on the devices after finding 38 different vulnerabilities on 25 Android phones that came pre-installed.
That means that these phones were vulnerable on arrival and if a hacker trick someone with one of these devices to download a malicious app, there's plenty that could go wrong.
In one demo video, researchers from CryptoWire showed that they could completely break an Android device.
In another demonstration, the malicious app allowed hackers to spy on a victim taking screenshots and recording the screen without the victim knowing.
A few companies have said they fixed these issues with their phones but it's hard to keep track of it all.
While Google patrols its playstore for bad apps, it can't do much with pre-installed apps that are put in by phone makers.
The good news is, the hard part is getting someone to download one of these malicious apps in the first place.
Try to stick to trusted apps that have been approved by the Play Store, if you can.