BT: Almost every Android device is infected with malware

BT: Almost every Android device is infected with malware

Summary: British Telecom says that one third of Android apps are compromised with some form of active or dormant malware, and that almost every Android device is infected. Something doesn't add up here.

SHARE:

Update on July 30 - BT backpedals on claims almost every Android device has malware

bt_logo

British Telecom (BT) has made some rather eyebrow-raising statements about Google's mobile operating system. We all know Android malware is a problem, but a BT security expert speaking at the NetEvents Americas conference has just made it sound like an epidemic that is affecting everyone.

"We analyzed more than 1,000 Android applications and found a third compromised with some form of active or dormant malware," Jill Knesek, head of the global security practice at BT, said according to EE Times. "Almost every device is compromised with some kind of malware, although often it's not clear if that code is active or what it is doing."

I've been covering the Android malware issue for quite some time, and while there is definitely more and more of it in the wild (last month was particularly bad), there is no way BT's claims are on target. I'm not sure which 1,000 Android apps BT chose to use in its analysis, but I doubt they were randomly picked. I find it very hard to believe that one third of Android apps contain malware and that almost every device has one of said apps installed.

This made me wonder why BT would be making such statements. I know that the U.K. telecom service provider sued Google over Android as well as other products late last year, but that's not enough of a reason for BT to hate on Android. This seems to me like some kind of miscommunication, a quote that has been taken out of context, or simply a poorly informed BT employee.

I have contacted BT about these claims. I'll update you if and when I hear back.

Update on July 30 - BT backpedals on claims almost every Android device has malware

See also:

Topics: Security, Android, Apps, Google, Malware

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

35 comments
Log in or register to join the discussion
  • Why do you question it?

    Nothing in your post indicates that BT's research is flawed. Just because you don't believe does not make it false. And just because BT is suing Google makes it false. There is no substance to your argument. CBS Interactive has really gone to the dogs.
    oraman
    • Yikes..

      Agreed. At least BT has some research and numbers to back up their claims. You are simply in disbelief and therefor wrote the article. Perhaps write this article AFTER you've contacted them and received some sort of statement.
      JL05XI
      • Also, Emil confuses 30% of applications and 30% of devices

        It is totally different thing.

        BT only discusses 30% of applications, not 30% devices. Most of those trashy applications rarely get installed, so actual percentage of infected devices is way lower than Emil writes and the two things are not even really correlated.
        DDERSSS
        • Nope.

          Read the BT quote again.
          Empro
          • Here is the quote

            "We analyzed more than 1,000 Android applications and found a third compromised with some form of active or dormant malware"

            Nothing to do with percentage of devices, but all to do with percentage of applications.
            DDERSSS
          • Read the entire quote

            "Almost every device is compromised with some kind of malware, although often it's not clear if that code is active or what it is doing."

            Sure "Almost every" is not a percentage, but most people would consider that to be above 75%.
            Bak79
      • Sure

        Where those numbers are?

        Actually, please tell them here:

        1. What digital Android stores were tested?
        2. What applications were tested?
        3. What TB counts as "malware" (Like what is minimal code function to say it is malware?)
        4. On what users did they test it (just on their own network users or all?)

        At least those four would be nice if you would tell, because you have the knowledge of the exact numbers.
        Fri13
      • numbers to back up or to spread FUD?

        >>At least BT has some research and numbers to back up their claims.
        Where did they get those numbers? Is it possible to get the names of those "compromised with some form of active or dormant malware"? I would also like to know where these bad apps are available.
        Since I can also examine the Planet Mars and find plenty of life there.
        eulampius
    • Because it's not logical and therefore, probably not true.

      It doesn't seem to pass the logic test. There's virtually no way that 30% of all Android apps are infected with malware. Sure, it's possible that 30% of the 1000 apps BT tested were infected with malware, but again, Emil asks the pertinent question. Which apps were they testing? Were they testing blatantly suspicious apps or random selections of apps? The "almost every device is infected" statement is equally ludicrous and BT don't give any indication in their statement how they came up with "almost every" device being infected by some form of malware. Emil has asked for clarification, which is what he should do.
      swmace
      • App source likely China

        That may make a bit of sense..... maybe if I stretch it .......
        rhonin
      • Exactly

        Exactly how many Android devices are infected? What apps are infected? What are they considering malware here?

        There are lots of apps in Google Play that just eat RAM or serve adds, does that make them malware according to BT?
        T1Oracle
  • They're counting adware, aren't they?

    Depending on who you ask, adware is a form of malware (or at least a "Potentially Unwanted Program". So technically speaking they're probably right.

    But as far as actual malicious code goes, I bet only a tiny fraction - way less than 1% - contain that kind of code.
    SupaRawr93
    • I look forward to your indepth analysis

      BT is blessed with the opportunity to actively monitor what goes over its pipes and is able to look at large data sets. I trust that your study will be equally exhaustive and not simply conjecture and throwing out a number like 1% with no basis in fact.
      Your Non Advocate
      • Oh really

        Can you explain how BT can possibly know "what" is going through their pipes? They can't possibly know this kind of information, because that would violate privacy laws...unless they have a court order.

        You really think a carrier knows what application sent each packet of data? Because it's not a continuous stream, it's packets. Do you understand how data is transmitted? It sure doesn't seem so.
        timspublic1
      • No they are not

        That level of Analytics would not be in play at a phone company sorry!

        They would have to cross reference data to accounts and validate devices and then prove which data was actually sent and which was stolen... All of which would be pure conjecture and speculation without having 100% of handsets in hand.
        slickjim
    • probably counting adware yeah.

      Thats the only way that number makes sense.
      Jean-Pierre-
    • If that adware is sending your location then its even worse

      I would not put it past them to maintain a history of it.
      Johnny Vegas
      • Yeah except...

        It was Apple that did that and not Google.
        slickjim
    • Adware and Push Notifications

      That's exactly what I thought too. Sometimes people/companies abuse the word malware.

      It's about the same as antivirus and antimalware vendors calling cookies malware. Overblown hype.

      I have installed and uninstall ed quite a few Android apps and while a small fraction were flagged by my AV none of them were actually malicious. Push notifications are the most common being flagged and again, very few compared to the amount I have installed. Even fewer were flagged for questionable permissions.
      evilfantasy
    • If it violates privacy law, ...

      ... then it arguably is malware.
      WilErz