Android has 97 Percent of Mobile Malware, But Nearly None in the U.S.
March 26, 2014 7:02 PM
But almost all of that comes from third party apps stores in Asia and the Middle East
Google Inc. (
) has fought the mobile war against Nokia Oyj. (
), Apple, Inc. (
), and Microsoft Corp. (
) (among others) and it has won -- at least in terms of OS market share.
I. Almost No Android Malware in the U.S.; a Whole Lot in China
four out of every five devices sold
around the globe today run a version of Android. And Android
is now the world's largest tablet platform
as well, in terms of unit share.
But Android also has a massive malware headache.
A new report
from Finnish security firm F-Secure claims 97 percent of the
fast-growing field of mobile malware
is Android exclusive. But here comes the twist -- virtually all of that malware comes from smaller Asian and Middle Eastern third-party app stores.
Such mobile market. Very malware. Wow! [Image Source: F-Secure via Forbes]
On the official Google Play app and media store's apps section, only 1 in 1,000 apps was found to be classed as malware. That's slightly higher than other platforms like Microsoft's Windows Phone Store and Apple's iOS App Store, but it's not that much higher. Normalizing for market share, and it appears Google's official offerings are no less secure than Apple's or Microsoft's -- a pretty impressive feat given that its market share is nearing almost-monopoly proportions.
Google Play is nearly malware free.
Amazon.com, Inc.’s (
) Appstore -- a popular third-party app store -- was not examined, but it is also thought to be fairly secure. So that means that the Android Americans know and love is probably about as secure as Windows Phone or iOS.
II. App Store Country Restrictions, Lack of Content, Developer Support Add to Problem
But the story becomes wildly different when you go overseas to Asia.
One third-party app store -- Android159 (it exists, but we're not sure of its location) -- had roughly 33.3 percent of its apps outed as pirated copies of Google Play apps rebundled to contain malware. But many other larger regional third-party app stores had somewhat lower, but still alarming high malware rates.
Baidu.com, Inc. (
-- one of the most used third party app stores in China -- had an 8 percent rate of malware. That means more than 1 in every 13 Android apps from Baidu is malicious and dangerous. Two of China's fastest growing app stores --
(5 percent malware rate) and
(6 percent malware rate) -- were also very dangerous. Other Chinese app stores (
-- 8 percent rate,
-- 7 percent,
-- 6 percent,
-- 7 percent rate, and
-- 8 percent rate) are also peddlers of pestilence in the mobile space. The bottom line here is that most Chinese customers have a more than 1 in 20 chance of downloading a malicious app.
Chinese apps stores are overrun with Android malware. [Image Source: F-Secure via Forbes]
It's no coincidence that many of the app stores in question come from China. Not only does China have
the world's biggest population of smartphone users
, Google also does not allow its users official access to paid apps [
] -- a pretty sizeable snub. Only a handful of other countries -- e.g. Iran and Syria -- are exiled from app access, and in those cases the exile is often at the
orders of the U.S. government
. China is a special case perhaps
because of its rocky relationship with Google
(which has remained silent on the cause of the snub).
For Chinese users perhaps the safest option is to
get a repackaged version of the Play Store
with a spoofed country code (if they can find a safe one). This approach is fairly popular and accounts for
roughly 6 percent
of app downloads in China. That's pretty impressive, given no official support is coming from Google. But it's also worrisome considering that 94+ percent of Chinese users are
grabbing apps from insecure sources
F-Secure's list of most-repackaged-for-malware Android apps [Image Source: via Forbes]
A secondary issue is that while Google's Play Store is (relatively) secure, its regional support
doesn't make certain kinds of content available
For example in Japan you can get TV shows on the Play Store, but you can't get music. In Germany you can get Music from the Play Store, but no TV shows. Google offers virtually no support to developers in African nations, and many African nations only have access to the basic app store, no media content. You can download movies off the Play Store in Brazil, but go to Argentina and Google won't let you download them. And Brazil and Argentina both lack Google developer support.
Lack of support drives developers to make native language apps available at third-party app stores, as does lack of content. And almost as a rule these app stores have more than 1 in 20 apps be a pirated app bundled with nasty malware surprises.
III. How to Support the Unsupportable?
There's no easy answer of how to improve this difficult scenario.
Google lags a long way behind Apple when making its app store available around the world. The most notable omission is China, where Apple has made significant progress in recent years.
While that may be true in the case of China -- home to the world's biggest population of mobile malware, virtually all of which is on Android --
the list of nations Google allows paid app downloads from
is actually quite lengthy.
[Image Source: TechWeb]
This makes the situation less black-and-white. Even if Google makes the Play Store available to the Chinese, it will remain vulnerable in other regions. As the world's most used mobile OS its products are being used in places like Iran that U.S. companies are not allowed to do business in, hence it has no way of controlling security in these regions. Further economic and political factors lead to users in many regions purchase devices with no-longer-supported versions of Android. Here, Google again has no way of fixing the problem as prior to KitKat it had no way of forcing an update to any part of the operating system.
About the only way U.S. customers see much risk is in the
well discussed issue
lacking updates to newer versions
of Android --
a problem commonly termed "fragmentation"
. F-Secure writes:
While the various enhancements released in each update incrementally improve the security of the platform itself, actual per-user security is highly variable, since the fragmented nature of the Android ecosystem between various device vendors makes it basically impossible to ensure a uniform security level across all users. For most users, this means their device security ends up being largely in their own hands – both figuratively and practically.
With the new Android v4.4 KitKat, core apps will get updates even after manufacturers and carriers abandon support.
The good news here is that as of
Android 4.4 "KitKat"
a change has been introduced allowing Google to directly update its core services. This should lessen the issue of fragmentation, as all commonly used builds will receive new versions of core apps whenever a security issue is detected. Within a few years the only vulnerabilities to go unpatched will be the more rare kernel-level exploits (which are generally only patched via version updates) or software on extremely old devices that predate KitKat.
For the most part neither problem applies to Apple’s iPhone and iOS -- because it's expensive, even when it comes to resale. And it doesn't apply to Windows Phone as few in China and the Middle East are using Windows Phone. So say what you will about Google, but it is keeping its customers in U.S. and most largely globally economies relatively safe with some minor exceptions.
"We are going to continue to work with them to make sure they understand the reality of the Internet. A lot of these people don't have Ph.Ds, and they don't have a degree in computer science." -- RIM co-CEO Michael Lazaridis
Gartner Report Shows Android OS Leading Tablet Market with 62% Share
March 4, 2014, 11:00 AM
Jelly Bean Accounts for 54% of Android Installations, KitKat Rises Slightly to 1.4%
January 13, 2014, 12:00 AM
Apple and Samsung See Virtual Tie in Q3 U.S. Sales, Nokia Seizes Fourth
December 5, 2013, 8:00 PM
Nexus 5, Android 4.4 "Kit Kat" Arrive Today
October 31, 2013, 5:20 PM
Beware of Malware: Mobile Threats Increase by 614 Percent in Last Year
June 26, 2013, 8:50 AM
Hidden Features of the Google Phone
October 27, 2016, 5:05 AM
What is Flagship Sony’s XperiaX Smartphone?
October 25, 2016, 5:00 AM
The Galaxy C9 Pro Samsung Smartphone Has 6GB RAM
October 24, 2016, 4:29 AM
The Unlocked Moto Z Play Launches for $449.99 Today.
October 22, 2016, 5:00 AM
Nintendo Announced Next Game Machine to be Portable “handheld”.
October 21, 2016, 5:00 AM
Do you hate to do yard work?
October 20, 2016, 5:00 AM
Most Popular Articles
Apple iOS Contains Secret One-handed Keyboard Code
October 22, 2016, 5:00 AM
The Unlocked Moto Z Play Launches for $449.99 Today.
October 22, 2016, 5:00 AM
The New HP Spectre: Revamped and Ready
October 23, 2016, 6:00 AM
New Way to Read Data on Ulta Hard Drives
October 23, 2016, 9:38 AM
Car Insurance - The Hidden Discriminatory Practise
October 18, 2016, 5:00 AM
Latest Blog Posts
From Time to Time, The Unbelievable and Unimaginable Happens!!!!
Oct 28, 2016, 4:56 AM
Key EpiPen Competitor Out in 2017 At ' Very Low' Cost
Oct 27, 2016, 5:30 AM
Researchers use CRISPR to Accelerate Search for HIV Cure
Oct 26, 2016, 5:00 AM
Medical Council of India Makes Generic Medicines Mandatory
Oct 25, 2016, 5:00 AM
MacBoo Pro 2016: Release date Oct. 27
Oct 24, 2016, 7:16 AM
Mac Users, Try this if Your Mac is Infected?
Oct 23, 2016, 7:00 AM
Tips to Prevent Smartphones From Overheating:
Oct 22, 2016, 5:00 AM
Nasa Flies Drones at Nevada Airport
Oct 21, 2016, 8:21 AM
T-Mobile Data Problems
Oct 20, 2016, 10:17 AM
Annoying Apple Watch Problems and How to Fix Them
Oct 20, 2016, 5:00 AM
Your Mail May Soon Be Delivered By Robot
Oct 19, 2016, 9:34 AM
2018 Jeep Wrangler Prototype Sells At Junkyard
Oct 18, 2016, 5:00 AM
Samsung Shines with Gold Edition Tablet
Oct 17, 2016, 9:24 AM
Tesla Hints Mysterious Product Debut for October 17th
Oct 16, 2016, 10:14 AM
Samsung Galaxy Note 7 Phones on US flights
Oct 15, 2016, 5:00 AM
Comcast Fined $2.3 Million For Unconfirmed Services Charged To Customers
Oct 14, 2016, 5:00 AM
“American singer / songwriter “Bob Dylan is awarded 2016 Nobel Prize in Literature.
Oct 13, 2016, 10:33 AM
More Blog Posts
Copyright 2016 DailyTech LLC. -
Terms, Conditions & Privacy Information