According to a new study by US antivirus company NortonLifeLock (formerly Symantec) and the IMDEA Software Institute in Madrid, Spain, Google's official Play Store is the largest source of malicious Android apps, but remains one of the safest places to download apps.
After examining 7.9 million apps installed on 12 million Android devices over a four-month period in 2019, security researchers found that "10% to 24%" of Android devices running Norton or Symantec antivirus software had encountered at least one malicious app, with adware counted as malicious.
Of the malicious apps identified in the study ("How Did That Get In My Phone? Unwanted App Distribution on Android Devices"), two-thirds (67%) came from the Google Play Store, as ZDNet previously reported, and reached the devices of unsuspecting Norton/Symantec users via the store. Many of these apps pose as useful services, such as VPNs, but actually contain malware that steals data and displays unwanted ads. This is why you should only download reputable apps.
Unfortunately, the best way to ensure that you download a reputable Android app is to get it directly from Google Play, as Tom's Guide has long advised. The vendors and adware distributors know this as well.
The researchers say, "Developers of unwanted apps have a huge incentive to have their apps appear in the Play Market."
So if two-thirds of Android malware originates from Google Play, is Google Play really safe? Paradoxically, yes, Android apps should be obtained from Google Play.
Google Play's numbers are skewed because Google Play accounts for nearly 90% of all app installations. However, only 0.6% of apps downloaded from Google Play were malicious.
"This leads to a low percentage of unwanted apps that can bypass Play's defenses, but a large number overall," the paper states.
"The effectiveness of Play's defenses against unwanted apps is shown by the low percentage of unwanted installations compared to all installations, i.e., the ability to remove some of the unwanted apps."
There are other things that can be done. For example, install one of the best Android antivirus apps, or prevent your phone or other device from installing apps from an unknown source. But sticking with Google Play is the first step.
In this study, security experts also analyzed other places to download Android apps and found that 10% of the malicious installations found on devices running Norton/Symantec software were downloaded from third-party app stores.
"Compared to the Play Market, users of alternative markets are up to 19 times more likely to encounter unwanted apps," the paper states.
Other infection vectors for malicious Android apps included backup services, package installers, bloatware preloaded on cell phones, paid installation services, file sharing services, themes, web browsers, file managers, mobile device management services that companies run to manage employees' cell phones, instant messengers, and other services.
In terms of malware prevalence, 3.8% of apps downloaded via web browsers, 3.2% of apps downloaded from third-party app stores, and 2.9% of apps downloaded via instant messaging apps were malicious.
"In alternative markets, fewer apps are distributed, but they are more likely to be unwanted," the researchers add. "Bloatware is another distribution channel that is alarmingly high." Web downloads are rare and much riskier than alternative markets.
"Surprisingly, unwanted apps may survive after a user replaces their phone through the use of automatic backup tools. Finally, we observed that app distribution via commercial PPI (pay-per-install) services in Android is significantly lower than in Windows."