x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • Google says less than .001% of Android malware evades Google Play security to cause harm

Google says less than .001% of Android malware evades Google Play security to cause harm

Posted: , by Michael H.

Tags:

Google says less than .001% of Android malware evades Google Play security to cause harm
Every month or so there is a new story that comes out about how much malware can be found on Android or in the Google Play Store. Unfortunately, most of the reports don't include all of the information that you'd expect. Stories about malware on devices often don't mention what harm is actually caused, nor that most malware comes from sideloading, or devices without the Google Play Store. And, stories about malware in Google Play don't tend to include stats on how quickly Google removes malicious apps. 

Google wants to tell its side of the story about malware, and not surprisingly, Google has a much different story to tell. According to Google’s Android Security chief Adrian Ludwig, there are multiple layers of Android security at work that end up with just .001% of malware even being able to attempt to evade security and cause problems. Of course, it should be noted that Google's numbers only include devices that have Google Play Services, and do not include non-Google Android devices which are often cited as being the most at risk for malware in regions like China and Russia. 

Interestingly, Google sees one major problem being that security researchers can estimate how many malware apps are out there, but they don't have Google's data on how often those apps are actually installed and go on to cause problems, which leads to exaggeration in reporting. Google says that the majority of malware on devices with Google Play comes from sideloaded apps, of which there have been about 1.5 billion installs. 95% of users have Verify Apps turned on, and .5% of that 1.5 billion non-Google Play installs give users a warning that they might be harmful. Of that .5%, Google estimates that 40% are community-created "rooting tools" (potentially dangerous, but not really malicious), 40% are fraudulent apps that try to steal money from the user's bill by making premium calls or text messages, and 15% are spyware, with the remaining 6% being mostly malicious apps that don't fall into the previous categories.

That warning leads to most users not installing the app at all. Just .13% will finish installing an app after a warning. This brings us to the .001% of apps that even attempt to evade runtime security, and some unknown number of apps that successfully evade security in order to cause problems. We would be interested to know what that number would be if people listened to the warning and didn't install any potentially malicious apps. 

Of course, all that said, you do still need to be careful, and you especially need to be careful if you are using an Android device that does not have a trusted app store on it, as any device that doesn't have Google Play Services is at a higher risk, especially if you have to rely on sideloading to get your apps. But, it should be noted that even Google's own data here is incomplete, because it doesn't mention anything about malware that evades detection in the Google Play Store and makes it out onto devices. Still, maybe this will help to quell some of the fearmongering that often surrounds Android. 


source: Quartz

11 Comments
  • Options
    Close




posted on 03 Oct 2013, 22:42 18

1. Shatter (Posts: 2031; Member since: 29 May 2013)


My question is has anyone on this site even gotten malware? From my understanding its mainly people who pirate apps that get it from people who release hacked versions of the app with malware in it.

posted on 03 Oct 2013, 23:42 22

3. SleepingOz (unregistered)


The ones who have never used Android will tell you they actually did.

posted on 04 Oct 2013, 01:44

7. JC557 (Posts: 1164; Member since: 07 Dec 2011)


Yup, the only time I had an instance of "malware" was downloading an outdated translation app from the Google app store. It kept sending me text spam and kept setting my GPS/ phone location to somewhere in the middle US.

Be wary of apps that haven't been update in years and if most of the reviewers are in asian and other foreign languages.

Other than that my phone hasn't seen viruses or other junk and I only sideload Flash.

posted on 04 Oct 2013, 08:20

10. Sakeem (Posts: 304; Member since: 05 Sep 2012)


I haven't. I dont download 3rd party apps and i have been fortunate to not get hit with malware fromt he play store.

posted on 03 Oct 2013, 23:24 10

2. JMartin22 (Posts: 1245; Member since: 30 Apr 2013)


And that's the only instance people have bad things happen to them. When they're engaged in unlawful or morally questionable activity. This research cements that the hysteria that generally plagues Android as unsafe, in comparison to iOS, is a bunch of bullcrap. iOS isn't a "sanctuary" either by any means. It's been hacked and evaded; such as malware sweeping past their App Store and hackers bypassing their crappy fingerprint scanner.

posted on 04 Oct 2013, 00:39 7

4. blingblingthing (Posts: 459; Member since: 23 Oct 2012)


Anyone well informed knows how secured his phone is. It is really sad ppl think android lacks security.

posted on 04 Oct 2013, 00:54

5. itsdeepak4u2000 (Posts: 2866; Member since: 03 Nov 2012)


Still the defense system and layers are very good on Android. Malwares chances are mostly from outside of Playstore.

posted on 04 Oct 2013, 01:05 4

6. Berzerk000 (Posts: 4109; Member since: 26 Jun 2011)


Glad to see Google is finally putting all those ridiculous malware reports to rest.

posted on 04 Oct 2013, 02:01 5

8. Sniggly (Posts: 7182; Member since: 05 Dec 2009)


I do find it interesting that in stark contrast to an OS like, say, Microsoft's Windows platform, Google actually has taken the time to build up a pretty strong fortress of security around Android, instead of forcing customers to invest in hundreds of dollars of antivirus apps. This is one of so many reasons I think that Google could destroy both Apple and Microsoft in the PC realm if they start pushing full Android powered desktop and laptop computers.

In fact, perhaps that is WHY they're publishing this report now. Perhaps Google is priming the public for selling points on Android as a computer OS choice as preparation for Kitkat and 64 bit/computer support.

posted on 04 Oct 2013, 03:34 1

9. ScottSchneider (Posts: 323; Member since: 06 Dec 2011)


Well... This is a Nice way to say it... Hats off Sniggly... +1

posted on 04 Oct 2013, 10:56 1

11. Googler (Posts: 813; Member since: 10 Jun 2013)


I think the world is ready for a high profiled name to make the computer war a three way dance. Linux almost pulled it off and Ubuntu shows a tremendous amount of potential but they don't have the household name that Google does. I would welcome more options.

Want to comment? Please login or register.

Latest stories