Thursday, 29 August 2013

Nearly 7,000 Malicious Android Apps Infest China's Appstores

Android Malware
The independent testing lab AV-Comparatives has released the results of a six-month long study of third-party Android app stores. They found that most of the dangerous apps are concentrated in Chinese stores, and encountered about 7,000 dangerous apps in third-party stores. Now that's a number to worry about.
The study ran from November 2012 to May 2013, and looked at 20 major third-party app stores. Of these stores, most are known to be located in China and the region also boasts the most malware found in a single store (1,637 malicious apps in the Anzhi store, but more on that later).
In total, AV-Comparatives found 7,175 pieces of malware and greyware, the latter of which the company defines as things like spyware and adware which is risky but not necessarily malicious. Of the dangerous apps, 95 percent were concentrated in Chinese stores. The Anzhi and EoeMarket stores were the worst offenders.
Why So Concentrated?
"The investigations' findings suggest that the dramatic numbers of malicious apps present on the Asian market are closely linked to this market's booming activity," wrote AV-Comparatives, attempting to explain why Chinese stores seem glutted with malware. "From this point of view, European and US markets can be considered secondary targets, as they are entering a stage where growth is steady."
The concentration of malicious software is also likely tied to the official Google Play store being partly or entirely inaccessible in that region. In places were users can buy Android phones but can't reliably access Google Play, third party app stores flourish along with malware.
We've seen similar clusters of illegal and semi-legal activities based on law enforcement and malware business models. For instance, Russia has a hugely complex malware industry built on using SMS codes that are only valid in that region. Another example is spammers moving operations to Belarus when other countries started cracking down, resulting in over 25 percent of the country's IP addresses being blocked for spam
Staying Safe
The good news is that not all Android marketplaces outside of Google are nests of malware. AV-Comparatives found several stores with just a handful of dangerous apps and one store—F-Droid in the UK—had no malware or greyware.
Unfortunately, no store is completely safe—even the official Google Play store has had a few pieces of malicious software. The best way to stay safe is to think carefully about what you download and use some kind of security software on your device, such as our Editors' Choice award winners Bitdefender Mobile Security and Antivirus and avast! Mobile Security & Antivirus. Also, consider what you're downloading: if it's a "free" version of a for-pay game, then you're taking a big risk.
Android users can also take advantage of a new service from AV-Comparatives called AVC UnDroid. This online scanner lets you submit suspicious APK files (apps) for scrutiny. For people without access to official app stores and few trustworthy security apps, this is a good first step to curbing malware infestations.
Hopefully, the scary numbers of today will spur more marketplaces and developers to provide safer stores and more robust security suites.

No comments:

Post a Comment