Study: 6 out of 10 Android apps a security concern

Webroot mobile threat report illustrates dramatic rise in mobile malware--especially threats targeting Android devices.

Security vendors have been preaching about the impending doom of mobile malware for a few years now. Each year seems to see a dramatic spike in detected malware over the previous year, but users are starting to get a bit cynical about the coming mobile malware apocalypse. A new report from Webroot once again highlights an increase in mobile malware and also sheds light on how iOS compares to Android.

The Webroot Threat Research team analyzed nearly six million mobile applications, and hundreds of thousands of mobile infections between 2011 and 2013 to compile the Webroot Mobile Threat Report. It also reviewed data from around 125,000 customers who activated Webroot's Lost Device Protection (LDP) feature.

Webroot found that Android poses a greater security risk than iOS. Webroot identified a 384 percent increase in total threats to Android devices over 2012, and found more than 40 percent of the Android apps analyzed were classified as either malicious, suspicious, or unwanted.

By contrast, more than 90 percent of the million-plus iOS apps that Webroot assessed were tagged as "benign," with seven percent marked as "trustworthy," and only a meager one percent identified as "moderate" risks. The lower instance of suspicious or malicious apps is a function of the vetting process developers must go through before apps are made available in the Apple App Store.

To be fair, Android actually had double the percentage of apps deemed "trustworthy": 14 percent compared to only 7 percent for iOS. The lack of suspicious, malicious, or unwanted apps in iOS is commendable, but there's still a long way to go to get the 92 percent "benign" apps over to the "trustworthy" side of the fence.

Webroot also dug deeper to determine which categories of apps seem to be the biggest security risk. Arcade and action games represent the highest infection rate on Android by far--more than one and a half times the infection rate of communications apps, which came in second. Entertainment came in third. The high prevalence of infection among games and entertainment apps illustrated that attackers recognize how most people use their smartphones and tablets, and they're targeting consumers.

Another interesting aspect of the Webroot Mobile Threat Report is the analysis of how people use the Lost Device Protection (LDP ) feature in Webroot mobile security products. The most used function was to simply locate the device, followed by "scream" to force the device to make a loud noise so you can find it. Nearly one-in-five users remotely locked their device with LDP, and a quarter sent a custom SMS message hoping that someone would contact them or return the device. A paltry two percent of LDP activations resulted in wiping the device, which is either a testament to how often people are able to retrieve a lost or stolen mobile device, or an indictment of how careless people are when it comes to safeguarding sensitive information on a lost or stolen device.

The bottom line is that there are a lot of apps out there that do things they're not supposed to do and things you probably don't approve of. Make sure you only get apps from trustworthy sources like the official Apple App Store and Google Play app store, and pay attention to the permissions the apps request to make sure they're not overstepping their bounds.

Join the CSO newsletter!

Error: Please check your email address.

Tags Webrootconsumer electronicsiossecuritysmartphonesAndroidsoftwareoperating systems

More about AppleGoogleWebroot

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tony Bradley

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place