Android malware perspective: only 0.5% comes from the Play Store

Android malware perspective: only 0.5% comes from the Play Store
There has been a lot of chatter recently about how Android is a haven for malware, and how malware on the platform has exploded recently. As we've talked about before, the reality is that supposed malware isn't really as much of a threat on Android as many make it out to be, and new numbers bear that out by showing that an incredibly small amount of malware comes from the Google Play Store.

A lot of the buzz comes from the heads of competing platforms (always the most unbiased sources) like Steve Ballmer, but a recent report from F-Secure also gets a good amount of credit. F-Secure's recent report claimed that in Q3 of 2012 jumped more than 10x, from just over 5,000 instances in Q2, to over 51,000 in Q3. This is a pretty menacing statistic until you give it a bit of context. 

The necessary context? Of the 51,447 examples of malware discovered by the security firm last quarter, only 146 came from the Google Play store. That means that the main source for apps for most users only was found to have 0.5% of all the malware found. Sure, if you're living in China and using a bootleg non-Google Android device, and constantly sideloading apps, you may be at a higher risk. Of course, if you're in that situation, it may be a good idea to be more vigilant, since you are responsible for being sure the app you've got is trustworthy, at least until you get Android 4.2, which will scan sideloaded apps for malware. 

Even more context: of the 51,447 examples of malware, 55.2% were malicious and the remaining 44.8% were simply deemed "risky". So, yes, malware is bad, but not all of it is actively trying to steal your data. And, beyond that there are actually fewer types of malware, or "families" of malware than there used to be, which is a good sign. 

Perspective and context are amazing things, eh? They always tend to make fearmongering that much more difficult. 



1. Pings

Posts: 304; Member since: Dec 19, 2008

Misinformation rules the day.

3. Aeires unregistered

If you can't beat them, kill them with FUD.

20. networkdood

Posts: 6330; Member since: Mar 31, 2010

You know what site loves to add tracking cookies to your browser? Vibrant Medi Dedicated Networks Dedicated Networks (AppNexus) Quantcast ownerIQ Invite Media Turn MediaMath Collective Criteo

21. networkdood

Posts: 6330; Member since: Mar 31, 2010

If anyone is running chrome on their PC I would recommend downloading the extension: DO NOT TRACK PLUS .

2. Ballua

Posts: 16; Member since: Nov 12, 2012

True story! just the haters' talk. Ballmer is an excelent example

4. dsDoan

Posts: 235; Member since: Dec 28, 2011

Steve Ballmer putting down an OS for its lack of security. Anybody else see the irony there?

7. DaNTRoN

Posts: 135; Member since: Jul 23, 2012

i lol'ed +1

5. protozeloz

Posts: 5396; Member since: Sep 16, 2010

It could be added that thaw numbers might even get smaller with the time and the bouncer becoming more and more optimized for the task, most common malware are apps using permissions for gathering user data, so checkin that would be nice

6. yowanvista

Posts: 341; Member since: Sep 20, 2011

Android Malware doesn't even exist to start with. It's just pure BS being spread by AV companies to promote their useles software. I wonder why everyone is so afraid of childish rogue apps..

8. XPERIA-KNIGHT unregistered

You've got to being doing something that isn't advised to do so, in order to get something you don't want right? .......

9. wendygarett unregistered

Another nice information you shared Michael... But still I have a little doubt about the play store... Especially the free apps, some ad drive me crazy lol, Can you share an article to fix it? Thanks

10. nnaatthhaannx2

Posts: 820; Member since: Oct 19, 2011

If you root, there's an app called Ad Away. Gets rid of everything. Another good app is Lucky Patcher. You can modify permissions and remove ads completely (although it sometimes doesn't work) from apps which is very nice.

13. wendygarett unregistered

Any other way without root? Lol

15. cmikeh2

Posts: 26; Member since: May 09, 2012

No. You need root access to modify the hosts file that will block the known ad spawning domains.

12. XPERIA-KNIGHT unregistered

Yes there may be ads Wendy but the subject was about maleware viruses not ads.......

14. wendygarett unregistered

I experience the malware that keep eating my WiFi... What's that apps called again.. oh it's name is 4shared, if I'm not mistaken... That app kill me, and keep posting annoying scam ads pop out on top of the notification bar zzz... Have you experience it bro lol

22. XPERIA-KNIGHT unregistered

lol no are you sure its "maleware" thats doing that? and you should definitely download "Lookout" to protect yourself before downloading unknown apps wendy...

23. wendygarett unregistered

I'm now more cautious on that :) Thanks for your cares, I'll treasure that lol

11. rusticguy

Posts: 2828; Member since: Aug 11, 2012

You know what, one security site discovered that Wordpress was the most dangerous software in 2010 and PA is running on woprdpress. I am basically trying to highlight that Onus of securing lies with the user and n ot provider because even Wordpress is deemed "Riskiest".

16. jroc74

Posts: 6023; Member since: Dec 30, 2010


17. rsxl5

Posts: 65; Member since: Sep 05, 2012

'Sure, if you're living in China and using a bootleg non-Google Android device, and constantly sideloading apps, you may be at a higher risk.' In China you don't have a choice.... When I bought one in China (legitimate source ( it came out of the box without Google Play but it had some kind of third party software installed allowing you to access Chinese version of Google Play ('Allow 3rd party to install application' option was ;on' by default = security risk). All applications in that store were domestic ones (of course all in Chinese) ; you were unable to find any foreign one (that I knew from my none-China Motorola). Way around was to install desired application on my Motorola and save it to a file as APK, move to other mobile and install (till normal countries OS image was available for download and I was able to flash the device). Same situation was/is with Android devices from your mobile provided (China Unicom). The only option ordinary people have in China is to go to a mobile market and ask people there to have their mobile flashed (and at that point you have no idea if OS image is legitimate or modified one).

18. Kronic

Posts: 321; Member since: Sep 11, 2012

Is there any way to get rid of malware? Also how do I check for it on galaxy S3?

24. sgogeta4

Posts: 394; Member since: Feb 02, 2011

don't download porn on your phone.

19. networkdood

Posts: 6330; Member since: Mar 31, 2010

See, this is what I have been saying all along....

25. Raymond_htc

Posts: 430; Member since: Apr 06, 2012

Lets see how BALLmer complains now. A lot of malware??? Come on....

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.