Downloading applications onto your Android device just got a lot more scarier than it already is. Results of a new research conducted by corporate internet security company,RiskIQ, claim that there is a nearly 400 percent jump in the number of malicious Android apps on Google Play.
In a press release earlier today, RiskIQ revealed the summary findings of their research. Between 2011 and 2013, the number of malware Android apps available shot up by a whopping 388 percent. The period also saw a significant reduction in the number of such apps annually weeded out by Google – 60 percent in 2011 as against the 23 percent in 2013. RisIQ has stated that the numbers presented in their findings were put together by the ‘RiskIQ for Mobile’ service. The service, which is a distributed global proxy network, continuously tracked stores that sold mobile applications to trace suspect applications, brand impersonation and tampering of application.
The study labelled Android apps on the Google Play store as malicious only if they met one or more of six characteristics: Sending SMSes to premium-rate numbers or subscribing to premium services; collecting and sending GPS coordinates, email addresses and contacts to third parties; taking control or downloading other malware onto infected device; and finally, recording phone conversations and sending them to attackers.
Any app found to display one or more of these characteristics were deemed malware and according to RiskIQ the number spiked by nearly 400 percent with regards to malicious apps found on Google Play. Personalization apps for Android devices and entertainment-related apps topped the list as having the most number of malware instances.
In the end, the study claims that 12.7 percent, and no less, of all apps on Google Play were malicious. If that number seems steep, a deeper scrutiny of RiskIQ’s findings revealed that the total number of good applications on Google Play in 2013 was 332,084. Now, that is far lower than the 2011 figures, which showed a total 402,509 well-behaved applications.
A similar study conducted in August 2013 by another internet content security company, Trend Micro, revealed a 40 percent increase in Android malware just between the months of April and June in 2013. According to that study, 44 percent of the malicious apps were designed to hook up downloaders with expensive services, while 24 percent of the apps focussed on data theft. Adware-laden apps ranked third with 17 percent.
The study by Trend Micro also included a list of Top 10 countries that downloaded a bulk of all the malicious Android applications. While the United Arab Emirates, Myanmar and Vietnam topped the list, the United Kingdom and United States weren’t part of it.
Startling as these studies maybe, it is tough to gauge the levels of truth behind these claims. In its defense, Google’s Bouncer program introduced in 2012 has been scanning software for suspicious behavior right at the uploading stage itself. This means Bouncer allows only good apps onto the Google Play store. Besides this, Google is no longer allowing any application updates that don’t come through its Play store.
While this is definitely a good step towards protecting Android users, the tech community is not entirely convinced that Bouncer is unbeatable. Malware writers have in the past tweaked their codes to detect when a virus is being tested in a virtual environment (emulator) and to make infected software behave legitimately to escape detection. That malware writers catering to Android apps will also find a way around the emulator Bouncer is a distinct possibility.
Add to this the fact that only an estimated 30 percent of all Android devices in the United States have a security application installed. The exponential rise of Android apps each day in an environment of devices that aren’t adequately protected could mean an increase in malicious Android apps, on Google Play, greater than 400 percent.
By Aruna Iyer