Google Play Store Is Android's Biggest Security Problem, Research Found

Android evil, Get it on Google Play”

Android is the most widely-used mobile operating system in the world. With many manufacturers, developers and users, Android's popularity is undisputed.

What makes Android popular, is its flexibility. Unlike Apple's iOS, Android comes in many design and appearance, providing lots of different experience that is customizable. And with the many brands that use Android, users can simply choose the brand they love, and enjoy Android.

Then comes the apps.

Android has more than 5 million developers from around the world, actively developing apps that account to more than 2 million. Due to the flexibility of Android, security experts have long advised Android users to always download apps from the Google Play Store.

Being the official app store for Android, Google Play Store is regarded as the more secure place, if compared to third-party apps, which in turn, is also safer than sideloading apps through their .apk.

But no, it was revealed that Android's biggest problem is actually from Google Play Store.

From the spread of malware, fake advertising campaigns and ransomware, all of which are on the rise this 2020, following the 'COVID-19' coronavirus pandemic.

Most notably, that is because most people assumed that malicious apps were originating from third-party app stores found online. Many assumed that Play Protect and other initiatives from Google would keep those who stuck to the Play Store safe from these malicious campaigns from hackers.

The general consensus is that if Android users want to stay safe, the best thing they can do is to download the apps they want from the official Google Play Store marketplace.

But research has shown otherwise.

It's actually the Google Play Store where the vast majority of these attacks originate.

Google Play Store, is considered and regarded as the biggest spreader of Android malware.

Summary of datasets used
Summary of datasets used by the research. (Credit: NortonLifeLock)

The research that was conducted by NortonLifeLock (formerly Symantec), is titled How Did That Get In My Phone? Unwanted App Distribution on Android Devices.

The security firm conducted the research by analyzing over 12 million Android devices, during a period of four months (June - September 2019). The researchers also looked at over 34 million APK installs from 7.9 million unique apps.

This was when the team found that between 10% and 24% of analyzed apps could be labelled as malicious or unwanted. NortonLifeLock's researchers went on to say that they have grouped the Android apps they analyzed into 12 different categories – one of which was apps that were installed from the official Google Play Store.

Other categories they designated included apps from third-party marketplaces, apps installed via a web browser, pre-loaded bloatware apps and apps installed via package installers.

Surprisingly, given the wide range of potential Android app sources, the researchers found that the Google Play Store was the biggest distributor for unwanted apps.

The study found "The Play market is the main app distribution vector responsible for 87% of all installs and 67% of unwanted installs." In second place, and far behind at 10%, was third-party marketplaces.

Summary of app distribution
Summary of app distribution. (Credit: NortonLifeLock)

According to the researchers, this happened possibly because the Google Play Store has a low vector detection ratio (VDR).

VDR looks at the ratio of threats to legitimate app downloads, which on the Google Play Store stands at just 0.6%.

"However, its VDR is only 0.6 percent, better than all other large distribution vectors. Thus, the Play market defenses against unwanted apps work, but still significant amounts of unwanted apps are able to bypass them, making it the main distribution vector for unwanted apps."

Given that the Google Play Store receives billions of downloads, it may not be much of a surprise that more malware threats emerge from this store compared to others which have far, far fewer users.

In the end, users have left to very little option.

The researchers suggest that users should do some research before downloading any app. They need to see how many times the app they want has been downloaded. While a popular app can be a sign of a good app, users should also read the comments, and observe the permissions the app asks.

Users may want to also check other apps created by the developer. The more apps the developer has created, the better.

Other things users should be aware of, include spelling errors, shoddy logos, unbalanced or poorly formatted interfaces and others.