Skip to main content
  1. Home
  2. Mobile
  3. News

About 8,400 new Android malware files are discovered every day, report says

Christian de Looper
By

Android malware
Image used with permission by copyright holder
We hear about new Android malware every week, but you might not know that new Android malware is discovered more often than that. Far, far more often.

According to security company G Data, a new piece of Android malware is discovered every 10 seconds and, as a result, the company predicts we will see 3,500,000 malicious Android files during 2017. That is an increase from 2016, but not by all that much — in 2016, 3,246,284 malicious Android files were discovered.

Recommended Videos

“Security holes in the Android OS are nothing unusual, as with other operating systems and software,” said G Data in a blog post. “Numerous companies such as Microsoft, Adobe or Google are simply expected to regularly publish security updates for their software products at least once a month. Owners of Nexus or Pixel devices receive updates for these directly from Google.”

Related

Not only is there a ton of Android malware out there, but the risk is worse considering how few people currently use Android 7.0 Nougat — which is the latest and safest version of Android. Older versions of Android are more at risk because of the fact that many holes in the software had yet to be discovered when they were released, and because many of them no longer receive security updates. Currently, only 4.9 percent of devices run Android 7.0 Nougat, while 31 percent run Android 6.0 Marshmallow and 32 percent run Android 5.0 Lollipop.

It is important to note that G Data sells Android anti-virus software, so playing up the risks does benefit the company. The numbers related to malicious Android files include individual instances of malware — not different apps. On top of that, most of the malware will never be a risk to people who only download apps from the Google Play Store.

Still, it is a noteworthy figure and, if nothing else, it proves that Android malware is becoming increasingly common. If you don’t already, make sure you are careful when downloading new apps and files to your Android phone.

Editors' Recommendations

Topics
Christian de Looper
Christian de Looper
Contributor
Christian’s interest in technology began as a child in Australia, when he stumbled upon a computer at a garage sale that he…
New Android phones must support USB-C PD and Digital Wellbeing, Google says
wireless charging over distance barriers cover

According to a document acquired by XDA Developers, Google is now requiring that Android manufacturers support its Digital Wellbeing suite and the universal standard for fast charging, USB-C Power Delivery (PD), in any future Android devices.

The new requirements will apply to any manufacturer looking to use the Google Mobile Services (GMS) package -- which, since GMS includes the Google Play Store and all of Google's services, applies to pretty much every manufacturer outside of the Chinese market. While companies won't necessarily have to worry about updating their entire backlog of phones to accommodate Google's demands, every new Android device will be required to follow the new rule, and so will all phones updated to Android 9.0 Pie and Android 10 after September 3, 2019.

Read more
You need to delete these 24 malware-infested Android apps right now
Android 10 Assistant Navigation

A number of apps have recently made their way into the Google Play Store with a little something extra: malware.
The malware, which has been dubbed “Joker,” is designed to sneakily sign users up for subscription services, ones that they might be charged for over the course of several months before they even realize that they’re subscribed.
Cybersecurity researcher Aleksejs Kuprins explained the issue in detail in a Medium post.
The malware appears to be targeting specific countries, including  Australia, Austria, Belgium, Brazil, China, Cyprus, Egypt, France, Germany, Ghana, Greece, Honduras, India, Indonesia, Ireland, Italy, Kuwait, Malaysia, Myanmar, Netherlands, Norway, Poland, Portugal, Qatar, Republic of Argentina, Serbia, Singapore, Slovenia, Spain, Sweden, Switzerland, Thailand, Turkey, Ukraine, United Arab Emirates, United Kingdom and the United States.
The majority of the apps in question targeted specifically European and Asian countries and required a user to be using a SIM card from those regions in order for the malware to execute. In total 24 different apps were infected with the malware. Those apps were installed roughly 472,000 times. Metadata suggests that the apps started their campaigns in June 2019, although some may have also existed in the past.
That said, Kuprins notes that Google seems to be on top of the issue. Google removed all of the impacted apps from the Google Play store without any contact from the security researchers. 

Here's the list of apps infected with the Joker malware:

Read more
Google flags preinstalled malware as hidden threat on millions of Android phones
Android

Maddie Stone, a security researcher on Google's Project Zero and a former tech lead on the Android Security team, flagged preinstalled malware on millions of new Android smartphones as a hidden threat that requires more attention.

Stone shared her team's findings at the Black Hat USA 2019 conference in Las Vegas, in a presentation in which she said that a smartphone may have as many as 400 preinstalled apps out of the box. This is a major problem because attackers are attempting to hide malware in the preinstalled apps, as it is easier to convince one manufacturer to agree to a preloaded app than to convince thousands of users to download an infected file.

Read more