RiskIQ claims malicious Android apps up by almost 400 percent on Google Play

RiskIQ, an Internet security company, claims that malicious apps have grown by almost 400 percent on Google's Android Play store.
Written by Steven Vaughan-Nichols, Senior Contributing Editor

The best way to avoid Android malware is to make sure you only download apps from trustworthy sites such as Google Play or Amazon's Appstore for Android... or is it? RiskIQ, a corporate Internet security company claims that malicious apps have grown by 388 percent from 2011 to 2013 in the Google Play store.


RiskIQ also claims to have found that the number of malicious apps removed annually by Google has dropped from 60% in 2011 to 23% in 2013. The company states that these results were gathered by its RiskIQ for Mobile service. This distributed global proxy network continuously monitors mobile application stores to detect suspect applications, application tampering and brand impersonation. For this survey, RiskIQ only counted Android apps in the Google Play store as malicious if they are/contain spyware or SMS Trojans. These Android malware programs had one or more of the following characteristics:

Five simple ways to avoid Andriod malware

• Collect and send GPS coordinates, contact lists, e-mail addresses etc. to third parties
• Send SMS messages to premium-rate numbers
• Subscribe infected phones to premium services
• Record phone conversations and send them to attackers
• Take control over the infected phone
• Download other malware onto infected phones

“The explosive growth of mobile apps has attracted a criminal element looking for new ways to distribute malware that can be used to commit fraud, identity theft, and steal confidential data,” said Elias Manousos CEO of RiskIQ in a statement. “Malicious apps are an effective way to infect users since they often exploit the trust victims have in well-known brands and companies they do business with like banks, insurance companies, healthcare providers and merchants. Our unique visibility directly into App Stores allows us to shine a light on this problem and prevent attackers from impersonating brands to exploit their customers."

The end result is that RiskIQ claims that in 2013 no less than 12.7 percent of all Google Play apps were malware. That seems high and a closer look at RiskIQ's numbers also showed that the company has Google Play total number of good applications in 2013 as being 332,084, which was far less than the 2011's total of well-behaved applications, 402,509. That doesn't seem right.

It's hard to judge the veracity of RiskIQ's claims. Google has scanned software for malware tendencies since 2012 with its Bouncer program before placing any program on the Google Play store. In addition, Google now forbids app updates that don't come via its Play store.

Since Bouncer catches malicious applications at the time of upload, those apps never make it into the store. So, if Bouncer is catching these applications before they make it into the store, the percentage of malicious apps that are already in the store might go down, but that's because a greater number are being caught before they make it into the store. This, of course, is a good thing.

In short, while there's no question that Android malware is a significant problem, I remain unconvinced from this study that 12.7 percent of all Google Play apps were malware of one sort or another. That said, you should still use a high-quality Android anti-virus program and be wary of installing dodgy software.

Related Stories:

Editorial standards