It was also noted that between 10 and 24% of user devices come across at least one unwanted app. Lastly, the research points out that app distribution via commercial PPI services on Android is significantly lower compared to Windows. The study was conducted on 12 million Android devices with data from 7.9 million over a four-month period. The study compared app downloads from the Play store, alternative markets, web browsers, from commercial PPI (pay-per-install) programs, from an instant message, and seven other sources.
According to research conducted by NortonLifeLock and the IMDEA Software Institute in Madrid, 67.2-percent of the malicious apps on Android phones came from the Play Store. However, this was primarily down to the enormous volume of downloads from the Play Store as compared to other sources. The report also added that Google’s defenses work for the most part.
Deep analysis ?
- Google Play store accounts for 87.2 percent of total app downloads on Android, alternate markets at 5.7 percent.
- The research states that the vector detection ratio (VDR) for the Play store is still the lowest compared to other sources of app installs. “Its [Play store] VDR is only 0.6 percent, better than all other large distribution vectors.
- Thus, the Play market defenses against unwanted apps work, but still, significant amounts of unwanted apps are able to bypass them, making it the main distribution vector for unwanted apps,” says the research.
- Interestingly, unofficial alternate markets that had a total of 5.7 percent downloads had just over 10 percent unwanted installs.
- Installs from backups account for 2 percent of the total installs and 4.8 percent were unwanted.
- Installs from package installers account for 0.7 percent of the total and are responsible for 10.5 percent of unwanted installs.
How Did That Get In My Phone ?
Unwanted App Distribution on Android Devices’ recorded data from 7.9 million apps from 12 million Android devices over a period of four months during June and September 2019. The research found that 87.2% of total app downloads on Android came from the Play Store.
Google makes it incredibly hard to download apps directly from APK Mirrors, throwing up multiple security warnings that doing so could be potentially dangerous. And while that's true in most cases, a new report suggests that the main distribution vector for malware on Android phones is the Google Play Store.
However, the sheer volume of installs was the driving factor behind the high 67.5-percent of malicious apps coming from it. Additionally, the research also noted that unofficial alternate markets had a total of 5.7 percent downloads of which 10-percent were unwanted installs.