Are Android users becoming vulnerable to malware?

Posted on: May 13, 2015 | By: Ryan Gay | Filed under: Devices, Info Security

At the beginning of May,201310DIY-Android-Malware-Analysis-Taking-apart-OBAD a new study released from the Institut Eurécom suggests that apps available to Android users on sites such as Google Play are increasingly exposing their users to malware. According to the report, “the apps connect to a mind-boggling 250,000 different URLs across almost 2,000 top level domains. And while most attempt to connect to just a handful of ad and tracking sites, some are much more prolific.”

Findings of the report

The report acknowledged that there are two different environments for users to download apps—Apple’s App Store and the Google Play store. The main reason behind apps with malware making their way into the market is because “…Google exercises a lighter touch in vetting apps, only excluding those that are obviously malicious,” according to the report. As a result, many of the Google Play apps connect to ad-related and tracking sites, while others connect to dubious sites associated with malware.

Further, the report found that “about 10 percent of the apps they tested connect to more than 500 different URLs. And nine out of 10 of the most frequently contact ad-related domains are run by Google.” On the brighter side, user tracking sites that apps connect to are less pervasive.

Should I be concerned?

It’s always important to be wary and discerning when it comes to downloading any type of file from the internet. However, Ryan Whitwam, of ExtremeTech, noted that “only a very small fraction of malware apps are ever spotted in the Play Store, and they are quickly pulled.” Further, Whitwam said that Google uses both automated and human review processes for anything that appears questionable.

But, if you stick to the major apps from the Play Store developed by well-known companies, you’re unlikely to encounter any malware.

What can I do?

Right now, users should make smart choices when downloading apps from the Google Play store. However, here are some tips to keep your Android device safe:

  • Don’t alter your Android’s default security settings. By refusing data from “Unknown Sources,” you should stay out of reach of Android malware.
  • Only download apps from trusted sources or companies.
  • Keep an eye out for NoSuchApp. Currently in development by Institut Eurécom, the app will monitor the behavior of others on a user’s smartphone and reveal exactly which external sites apps are connecting to.

Image by Security Intelligence

Ryan Gay

Ryan is the Manager of Service Management & IT Project Lead for Instructional & Campus Technologies. He has received both undergraduate and graduate degrees in English from UNC-Greensboro.

More Posts - Website

 

Comments are closed.