Google security diagram

About 99.88 percent of side loaded Android apps found to be malware-free

Speaking at the VirusBulletin 2013 conference in Berlin yesterday, Google's Android security chief Adrian Ludwig broke down a whole lot of numbers — and a whole lot of popular Internet FUD — about the malware situation on Android. As expected, he spoke highly of the security model and methods Google uses to keep malware away from your Android, including comparing things like his department and the Bouncer to the CDC.

The CDC knows that it’s not realistic to try to eradicate all disease. Rather, it monitors disease with scientific rigor, providing preventative guidance and effective responses to harmful outbreaks.

Talking up your team is to be expected, but it's the numbers he has that we're interested in. Google has not had much to say about the malware complaints, because they haven't had the data needed to talk about them until now. This is a stark contrast to third-party security vendors researchers, who haven't let this stop them. Here's some data to chew on:

  • In a 1 million sample sized collected of apps installed outside of Google Play (side loaded), just 1,200 were classified as malware.
  • About 15 percent were purposefully installed commercial spyware apps
  • 40 percent were "root" apps that users chose to install on rooted phones
  • 40 percent make premium calls or texts and charge the user's account
  • The remaining 6 or so percent were random malicious apps

Ludwig says the numbers are a direct result of the "verify apps" portion of the Android security model, and that users are beginning to pay better attention and discard suspicious software. We're just glad to finally see some data that's more than the "Over 9,000!" usually thrown about when the words Android and malware can make a great headline. Data nerds, as well as folks interested in security and Android on the technical side should have a look at the source below.

Source: Quartz; Via: +Adrian Ludwig

 
There are 62 comments

BB_Bmore says:

Play store is still a cesspool tho

Sent from my Motorola side view pager 4-5683-968

Your data for this?

Talk is useless without the numbers to back it up.

Just ignore him. Trolls will be trolls. Even under an article like this.

Didn't you see all those numbers? 4? 5? 6 even?

Careful, I heard that guy goes all the way up to 968.

Posted via Android Central App

justadakaje says:

Did a catch a 9-er in there? Were you calling from a walkie-talkie?

BB_Bmore says:

My data is all the fake apps claiming to be something they are not. Don't have to really try and find them either.

I'm not trolling just calling it like I see it. Sorry if that touched a nerve with a fanboi or two. :-)

I don't know maybe, if your used to the play store because you use android and nothing else, you would feel differently.

Example : when bbm was "supposed" to launch the play store was flooded with close to 100 fakes within a few hours. If you don't think that's a problem then your crazy.

Sent from my Motorola side view pager 4-5683-968

dcjose48 says:

Ultimately it is the user that should know what they are installing, but yeah there's no way that all those fake apps should have been able to make it to the store.

Oh I see. I assumed you meant malware on the play store.

 

Ratnok says:

Malware =/= fake apps.

BB_Bmore says:

Hello

Sent from my Motorola side view pager 4-5683-968

MERCDROID says:

¡Que pasa!

Posted via Android Central App

mgfjd12 says:

And this is the reason why people think Iphone users are dumbed. It never crossed my mind that those apps were related to bbm. I guess some people need more help than others.

Chanlion says:

Just be diligent in what you decide to download and use. Android may not be the most secure platform out there but at least don't be the person that clicks those "You're the 1000th visitor!" links everytime. I've run into malware for let's say "unpaid" apps. If you just go through the Play Store, it's not guaranteed but it lowers the chance you'll get malware.

But my personal decision is not to run any banking apps on my Android system.

Ratnok says:

Did you even read the report?

Chanlion says:

Yeah, I know my comment was a little off topic but I wanted to say it as a more general advice kind of thing that can be applied to any platform.
But if there's anything else wrong, feel free to correct me.

BB_Bmore says:

It's funny to me when speak on an area where a platform can grow your automatically a troll!?

I see the same thing over at CrackBerry. If the play store can do better than it should. I know I know "if you do a little homework before you download then you should be good" problem is many people don't and the number of downloads these apps get along with the confusion in the ratings is proof of that.

But I'm just a troll though.... Just trolling for shits and giggles.

Sent from my Motorola side view pager 4-5683-968

MERCDROID says:

People look at your username, the fact that you constantly talk about BlackBerry (at Android Central), and automatically think "Troll!"

You blindly called the Play Store a cesspool. I guess, I can say the same, about Blackberry's App World, since there's one developer with over 40,000 apps, or close to 50% of Blackberry's app count.

Yes, we know that, on the supposed launch date for BBM, fakes kept popping up in the Play Store. But, don't sit here and pretend that was the reason why it didn't launch.

No app store is perfect. But, at least, with Google's Play Store, developers are not waiting weeks for approval from Apple, and you have a bigger target audience than BlackBerry and Windows.

Disclaimer: I'm not calling you a troll, I just love to debate.

bb10_fan says:

So, basically you prefer an app within few hours from the moment developer submitted it instead of waiting few days to get a bit more confidence that app does not wipe your smartphone? It's great when everyone has a choice :)

MERCDROID says:

Lol, like I said, I know what apps I use, and I know not to download random games, wallpapers, and such from the Play Store. Most of the apps that I download have already been screened by several other users. I also have Lookout installed, to scan apps, as soon as they're downloaded.

Posted via Android Central App

return_0 says:

I'd love to see an example of a malware app on the Play Store. Please, show me one.

Posted from my pure Google Nexus 4 using the AC app.

BB_Bmore says:

Please try to remove your feelings from the discussion. I am a troll though I use and love an HTC One daily.

I just call it like I see it. I do the same for BlackBerry too.

I'm not emotionally attached to any one platform. They all have their pros and cons.

Imo Google and BlackBerry both have an app problem. Is that better?

All platforms have room for improvement. They can always get better and they will. I think Google can improve the store. Apparently you don't mind at all and that's cool.

I'm not going to call you a fanboi because of your opinion... Your entitled to it. You can continue to call me a troll though. This is usually the first insult that comes from fanbois when someone dares to speak about areas in which the platform can grow. Not saying that you are a fanboi. I don't know you well enough to make that assumption.

Sent from my Motorola side view pager 4-5683-968

MERCDROID says:

See? I didn't call you a troll; if you had bothered to look at my disclaimer, you would have seen that.

You're telling me to remove my emotions from this discussion, when in fact, there are no emotions. If anything, you're offended that you've been called a troll, by OTHERS.

You're entitled to your opinion, as am I.

Of course, the Play Store could use an improvement in its app approval process. I even admitted that, on the day that BBM was supposed to launch. It's not perfect, but, I prefer Google's offerings over Blackberry's. Does my preference make me a fanboy? So be it.

Posted via Android Central App

crwallace2 says:

I think if you would have stated, "The play store still needs work on filtering Fake apps" instead of "Play store is still a cesspool tho" people might have taken your comment as actual constructive criticism instead of trolling

MERCDROID says:

This.

Posted via Android Central App

Only andriod lovers can call other operating systems bad names. If you call it like it is your a troll here. By the way the play store is a cesspool.

Posted via Android Central App

MERCDROID says:

Grammar and punctuation are your friends, brother.

Posted via Android Central App

Not really trolling you just have to understand the ecosystems. Apples is closed so you can't submit any kind of app and googles is open so you ultimately can submit anything. Is it better? In some ways yes but in other ways like your example it isn't but its one of those things where you take the good with the bad. The problem is this isn't anything new and you pointing it out is part of a much larger debate that has been on going since early versions of android.

To be fair to the other people your comment wasn't on topic and people probably are tired of having to explain exactly how the system works. Google has stated and continues to be pretty consistent about their app store being open to anyone and that's the way it is.

Posted via Android Central App

BB_Bmore says:

Double post

Ratnok says:

Jerry, I think a statement like this would make your article more clear to readers.

"Google’s Android Security chief Adrian Ludwig reported data showing that less than an estimated 0.001% of app installations on Android are able to evade the system’s multi-layered defenses and cause harm to users."

BB_Bmore says:

That's sounds great, fact remains that Google is the worst at policing it's store and I for one would like to see them improve.

I'd like to see them clean things up and make it much harder for these "devs" to plague the store with garbage so easily. Sorry if you feel that has nothing to do with the the above but I disagree.

Sent from my Motorola side view pager 4-5683-968

MERCDROID says:

I agree, I want to see Google improve its app store, as well. We can all agree, that something will have to change, in the future, to entice more developers and get more high quality apps in the Play Store, while at the same time, getting rid of the junk.

Posted via Android Central App

MERCDROID says:

I've only ever side-loaded aDownloader (from their website) and TubeMate (from the slideMe app store). All of the other apps that I use, are downloaded from the Play Store.

I guess, this article doesn't really apply to me, though. I'm not an app junky, but I know when an app looks suspicious. It's called common sense, I think.

Posted via Android Central App

BB_Bmore says:

Every comment has a smart ass tone to it lol. I'm not trying to hurt any feelings here, I just speaking on an area were I think Google can do better and if you are OK with the state of the store then that's that's cool. I'm not going to get upset about that because I think it's OK for folks to have opinions :-)

Sent from my Motorola side view pager 4-5683-968

MERCDROID says:

My comment was directed at no one. I was just replying to the article, lol.

Posted via Android Central App

plunder says:

Hi Jerry. If you can - could you please explain to average users (like me) what this means for us, on the podcast tonight. Many thanks.

Awesome A C

YES :)

Grahaman27 says:

Good :) a nice contrast to all the medias mumbo jumbo

Posted via Android Central App

This needs to be a worldwide PSA.

MERCDROID says:

+9000 To shut up all of the "Android is Malware" conspiracies.

Posted via Android Central App

bb10_fan says:

:)) it's not a conspiracy, just a slight exaggeration. Also, Play Store is the only store I know where you can actually find a malware :)

MERCDROID says:

Yeah, that's if you're looking for it, lol.

Posted via Android Central App

return_0 says:

Lol, until you show proof, you'll continue to be wrong.

Posted from my pure Google Nexus 4 using the AC app.

Joshua Pack says:

Any malware that I have ever gotten was more of adware then anything. it was annoying stuff i installed myself that i thought was going to be better then what it actually was.

I don't like to bash apple, as they have great products, but their latest iOS7 is very slugish and buggy. I'm glad I am back on android, even with its problems. My poor friend upgraded to iOS7 and has a hard time with his iPhone.

Luke Levine says:

Agree. A friend of mine owns an iPhone. After the upgrade to iOS7 it keeps deleting all his contacts. So he's definitely switching to android any time soon.

Grahaman27 says:

I went to a website once on my phone and it said my phone had malware on it and told me to download the fix.

Obviously fake, I downloaded it anyway just to see what it was (cuz I don't believe in android viruses), and it was a legitimate store with legitimate apps... Just a sketchy way of advertising.

Posted via Android Central App

Luke Levine says:

:O

CrimsonSage says:

Haha, now my curiosity has been fulfilled. I can die in peace. Has anyone clicked on the 1000th visitor one? :P

TeknoBug says:

Yet dozens of fake BBM and Whatsapp copies appears, among many others.

BB_Bmore says:

Teknobug is obviously a troll and a BlackBerry fanboi.

Sent from my Motorola side view pager 4-5683-968

MERCDROID says:

You're taking this way too personal, man.

Posted via Android Central App

gueneal says:

hey we all love our devices... I love android, dislike Microsoft, would pee on apple... so far, I'm still happy with my tablet.
By the way your signature takes me back to the days I was young and dating.

MERCDROID says:

=)

Posted via Android Central App

Gueneal just said he would pee on apple, I bet you guys found that cool. But do not call the playstore a cesspool or you r gonna get it. Stupid!!!!

Posted via Android Central App

MERCDROID says:

I was smiling, because of the last part of his post. Get a life, bro, lol.

Posted via Android Central App

Hit a nerve?

Posted via Android Central App

MERCDROID says:

Maybe, lol. Sorry, the "Get a life" portion was unprofessional.

Posted via Android Central App

return_0 says:

Not as unprofessional as ridgeline's comment.

Posted from my pure Google Nexus 4 using the AC app.

MERCDROID says:

Haha yeah, good catch.

Posted via Android Central App

TeknoBug says:

Wonder what pee on apples tastes like, I might try it.

MERCDROID says:

Ummm.... Que?

Posted via Android Central App

mayconvert says:

other post appears to have been deleted...nm