Trend Micro releases Android malware report, but it asks more questions than it answers

Trend Micro releases Android malware report, but it asks more questions than it answers
It should always be mentioned right off the bat when reporting a story about malware statistics from a security company that security companies are somewhat biased in this equation, because they are the only companies that can profit from there being security threats on a given platform. With that in mind, Trend Micro has released a new report claiming that Android is rife with malware.

The numbers are as follows: Trend Micro reportedly checked 2 million Android apps during this study. This automatically asks more questions, because there are were only about 700,000 apps in the Play Store during the check. Unfortunately, the report doesn't specify how many of the apps checked were from the Play Store, or if we're supposed to believe that Trend Micro checked every app in the store, and how many of the apps came from 3rd party stores, which always have higher rates of malware. 

Of the 2 million apps checked, 293,091 apps were classified as "outright malicious", and a further 150,203 were classified as "high risk". Again this asks more questions which are not answered by the report. First goes to the categorizations, where two of the seven types of apps classified as "malware" are A) "Spying Tools", which are apps that "send out GPS location, tracks text messages, call logs," and B) "Rooters", which "allow attackers to send commands to the affected device." It's unclear whether "spying tools" are apps that do those things without permissions, or just any app that does those things, which is important, because if it's the latter, any alternative SMS app would count as "malware". The same goes for the "rooter" apps, where it's unclear if that category counts apps designed for root users or not. 

If the numbers are to be believed it means that 24% of all the apps tested were found to be "malware", and of those 68,740 were sourced directly from Google Play. Again, assuming they tested every single app in the Play Store, that would mean about 10% of apps in the store were "malware". Of course, this again begs a question that wasn't answered, because the report claims "these numbers change every minute, upwards…" which could indicate that there was no follow-up done to check how many of those apps found to be "malware" were removed from the Play Store, or it could indicate that malware is added faster than Google removes it. 

Of the apps tested, 22% of apps were found to "inappropriately leak user data", over the network, SMS or telephone, often including IMEI, ICCID, contact data, and telephone number. This doesn't say specifically, but it seems we're supposed to assume it was 22% of all the apps tested (and remember the total amount of "malware" apps found was only 24%.) If that's accurate, then only about 3300 of all the malware apps found did something other than "inappropriately leak user data". 

This report of course marks the second study in as many days, conducted by a security company, that accused Android of high amounts of malware. Although, just like this report, the report yesterday from F-Secure had some questionable counting because it marked all phone testing tools as malware, as well as including "potentially unwanted software", which is a term nebulous enough to be troubling. 

We've contacted the author of the article asking all of the questions we had, and we'll certainly update this article accordingly if we get a reply.

source: Trend Micro

FEATURED VIDEO

34 Comments

1. joeymk

Posts: 101; Member since: Jan 26, 2012

That's why i love Windows Phone and iPhone stores. They don't have stupid problems like this.

4. tedkord

Posts: 17365; Member since: Jun 17, 2009

Keep telling yourself that.

5. XPERIA-KNIGHT unregistered

U know wat else windows phone and the iPhone don't have?

7. Trade_Mark

Posts: 9; Member since: Mar 08, 2013

Apps and games. Empty OS. Caged OS. There both in process of getting half-baked.

10. Mxyzptlk unregistered

I agree. There's been several malware outbreaks on the play store along with several mock apps.

12. rusticguy

Posts: 2828; Member since: Aug 11, 2012

Yea and i am sure you were hit by these malawares the way you recite like a parrot.

14. HDShatter

Posts: 1021; Member since: Jan 17, 2013

Fun Fact: a majority of people that get viruses on android are from pirated apps.

26. AnTuTu

Posts: 1613; Member since: Oct 14, 2012

I feel pity on you Mxyzptlk

27. taikucing unregistered

it depends on what you install in your android. I only install apps from trusted developers and I don't root my phone. So far, no malwares were detected in my phone

2. yero789 unregistered

And now-let the war begin :D :D :D :D

3. -box-

Posts: 3991; Member since: Jan 04, 2012

There's something to be said for a locked-down phone and ecosystem. I appreciate the freedom of android, but all too many of its apps are processor, data, and battery hogs. I like that Windows Phone lets you disable background tasks for apps so even if it were malicious, it could only work (in theory) when the user accessed it, and then malicious activity might be more noticeable.

9. Trade_Mark

Posts: 9; Member since: Mar 08, 2013

Says the WP Troll.....

24. Whateverman

Posts: 3295; Member since: May 17, 2009

"locked-down system"... That sounds like prison to me.

31. ReddD

Posts: 37; Member since: Oct 29, 2012

Pretty defunct if your OS is malware WP :-P

6. nikenturd unregistered

Ive been installing craked APK software since Android became popular and I have YET to experience any malware related troubles....

33. wilsong17 unregistered

blackmart alpha all free bb

8. Trade_Mark

Posts: 9; Member since: Mar 08, 2013

It's nothing new. Look at W7,8 full of malware. Anyway, so what, what's the big deal....? Don't be a fool downloading from unknown, uncertified places! What do you expect from Linux.....?

11. gmracer1

Posts: 646; Member since: Dec 28, 2012

Want a solution? Download from only well-known developers. Wanna be even more anal? Put Avast! Antivirus on your phone. I don't use an antivirus and I make sure the app developers are well-known. Oh look......no malware for me :D Say something, Mxyz.........SAY SOMETHING. Sir TrollAlot

16. Shinydesert

Posts: 62; Member since: Nov 17, 2011

That is totally right,I have been doing that for years and never had a problem, if I follow what you just said. Maybe once or twice a year I install and run a couple of antivirus apps,run them and remove them, and that's it. I don't see a real thread.

13. rusticguy

Posts: 2828; Member since: Aug 11, 2012

Wordpress was classified as worlds most dangerous software on web in 2010 by bitdefender and so was apple's OS classified as most riskiest in 2010. So why is PA running the site on WP :D

15. jroc74

Posts: 6023; Member since: Dec 30, 2010

"Trend Micro reportedly checked 2 million Android apps during this study. This automatically asks more questions, because there are were only about 700,000 apps in the Play Store during the check." I stopped reading right after that. Seriously, I did... And I wont even bother to read the rest. 2 million Android apps? Trend didnt even do homework on how many apps are in the Store? I dont even think there are 1 million apps on XDA. I dont think there are even 100,000 thousand apps on XDA. Where in the world did the other 1.3 million apps come from???

34. androiddownsouth

Posts: 598; Member since: May 02, 2012

I guarantee you that there are so many 3rd party apps out there it's not even funny. It would not shock me at all to see 2 million apps total between 3rd party and Play Store. I use Trend Micro on my laptops and have never had any issues. That said, I do agree to take this article with a grain of salt. Anyone with something to gain will spin this story to benefit their business, and I have no doubt this was done here. There does exist malware out there, and if any computer/smartphone is unprotected, it is only a matter of when, not if, someone gets malware unless they are very very lucky and careful.

17. moronman66

Posts: 162; Member since: Jan 09, 2012

Has anyone on here actually ever gotten a malware application on any of the mobile operating systems? I've had 3 separate Android phones over the past few years, and I haven't once had any form of malware, and I sideload some apps (GBA Emulator, Swype, a few games I wanted to see if I wanted to buy...).

18. nikenturd unregistered

Noticeable lags, OS acting funny, Crashing, etc..NONE however, leaking user's data is another story...I simply dont transact online for safety precautionary reasons, snooping ones privacy is wrong but I simply dont mind... let em be, I could care less.

20. jroc74

Posts: 6023; Member since: Dec 30, 2010

I got something from the play store. It was notification ad spam. And it put an icon on my home screen that wouldnt delete. From kids just downloading nilly willy. I had that type of malware 2-3 times since 2010. Each time it was because of the kids. I have personally never installed anything that had malware.

19. soshi

Posts: 154; Member since: Mar 08, 2012

Very critical analysis. Most user don't even know where to get pasted app only some user which is very active in pirate land. I use some with no antivirus install but never had mallware problem. Another marketing strategy

21. N-fanboy

Posts: 543; Member since: Jan 12, 2013

Loooool classic anroid

22. xperiaDROID

Posts: 5629; Member since: Mar 08, 2013

Android is rife with malware??? Don't tell me that the App Store(iphone) and the Marketplace(windows phone) don't have this kind of problem......

23. parkwaydr

Posts: 572; Member since: Sep 07, 2011

I love these things. My wife and I, including many other various family member, have all been using android for two+ years. And none of us have ever had a problem with malware. And Im positive they would tell me if they did. Because I'm the one that convinced the majority of them to switch. The best is when I bought my wife's little brother an HTC one. ( he's on att along with their parents) for his birthday and told him to just try it out. Hasn't touched his iPhone since.

25. procopiojose

Posts: 132; Member since: Oct 26, 2012

what? no one wants to create malware for a piece of brick with home screen and bunch of icons..

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.