One out of three third party Android apps is 'malicious'

Data CBR Staff Writer

11:17, April 21 2014

74% of 12,000 apps scanned were detected for malware by one engine.

A third of the Android apps scanned for malware were found to be suspicious by at least one anti-malware engine, according to San Francisco-based software firm Opswat.


Over 12,000 Android apps available in third party stores, excluding Google Play Store, were scanned by Opswat through its anti-malware system Metascan Online, using 40 anti-malware engines.

Going by the notion that the maliciousness of an app is proportionate to the number of its picks by anti-malware engines, only 26 apps (a little over 1% of the collection) were detected by ten or more engines.

Angrybirdspremium.apk, Youtube Downloader, TwitterApp.apk are a few of the 26 apps.

According to the firm, 74% of the apps were detected by at least one anti-malware engine, in most cases the same engine, for being malicious.

Opswat director of professional services Dan Lanir said in his blog, "With only one anti-malware engine detecting the threat, it could mean that it is the first to detect an advance threat or perhaps that it has a superior threat detector for the Android operating system. On the other hand, the detection could potentially be a "false positive"."

Of the remaining 26% of the suspicious files, 9% were caught by two anti-malware engines, 4% by three engines, and less than 1% of the malicious file-set, were detected by ten or more anti-malware engines.

Moreover, 76% of the suspicious files were classified as adware.

Lanir said, "Even if you discount the adware as true malware and the cases where only one of forty engines detected a file as suspicious, there is still an 8% rate of suspicious APKs in our sample set."

According to the Threat Report H2 2013 released by F-Secure Labs in March this year, 97% of mobile threats in 2013 were directed towards Android platform, albeit through apps offered by third party stores.

Over 140,000 malware detections were made, with 42% of them found from Saudi Arabia, and 33% from India. European countries accounted for 15% and the US 5%.

In February this year, experts have warned that cyber hackers are customizing Android malware to suit different geographies.

Image: 12,000 Android apps available in third party stores were scanned by 40 anti-malware engines. Photo courtesy of Dsimic at English Wikipedia.

get a cbr Cyber Security weekly update

Terms & Conditions & Privacy Policy.


Post a comment

Comments may be moderated for spam, obscenities or defamation.