Security Experts:

Connect with us

Hi, what are you looking for?


Malware & Threats

3 Million New Android Malware Samples Discovered in 2017

More than 3 million new malware samples targeting the Android operating system were discovered in 2017, marking a slight decrease from the previous year, G Data reports.

More than 3 million new malware samples targeting the Android operating system were discovered in 2017, marking a slight decrease from the previous year, G Data reports.

The security firm counted 3,002,482 new Android malware samples during 2017, at an average of 8,225 per day, or 343 new malware samples every hour. Although the number is slightly lower when compared to 2016 (when 3,246,284 samples were discovered), the decrease isn’t significant.

In late January, Google revealed that it took down over 700,000 bad apps from Google Play during 2017, a 70% increase compared to the previous year. Many of these programs were copycats – they were either apps packing unacceptable content or malware posing as legitimate apps.

With Android being the most popular mobile operating system out there, it’s no wonder cybercriminals are focused on bypassing Google’s protection mechanisms in their attempt to push malware into the official app store.

This also shows that users should not rely solely on Google’s security features to protect their devices and data. A third-party security program should also be installed and maintained, to detect applications with malicious functions in due time.

Despite the large number of new Android malware samples and that of malicious programs slipping through Google’s protections, the overall security of the operating system appears to be improving, especially with the Internet giant stepping up the platform update process.

Previously, the update process involved multiple steps: the Android team published the open source code, processor providers adapted it to their specific hardware, smartphone providers worked on customizations for the software, network operators also added their own modifications, and only then could an update finally be released.

“Frequently, these concatenated processes take a very long time, so users do not receive the updates until months after they were released by the Android team,” G Data notes.

Lately, Google has been trying to have updates available for all users faster, and initiatives like Project Treble helps in this direction. Through it, a so-called vendor interface is provided, bridging the Android OS framework and the provider’s modifications and making relevant hardware-specific information readily available. Thus, manufacturers can deliver Android updates quickly.

Last year, developers and researchers discovered a total of 841 vulnerabilities among the various versions of Android, making the platform a clear forerunner when it comes to security issues. As a recent Risk Based Security report revealed, the Android-based Pixel/Nexus devices had the most (354) vulnerabilities featuring CSSv2 Scores 9.0 – 10.0 last year.

This leading position could be explained by Android’s open source nature, which provides more people with the opportunity of researching it.

“However, the problem is not only vulnerabilities in the software, but specifically holes in the hardware. Meltdown and Spectre, the serious security holes in processors, which are also present in mobile devices, have again demonstrated how important a speedy security process is so that users receive new updates quickly,” G Data points out.

Related: 700,000 Bad Android Apps Removed From Google Play in 2017

Related: Record-Breaking Number of Vulnerabilities Disclosed in 2017: Report

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Malware & Threats

A vulnerability affecting IBM’s Aspera Faspex file transfer solution, tracked as CVE-2022-47986, has been exploited in attacks.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


More than 3,800 servers around the world have been compromised in recent ESXiArgs ransomware attacks, which also include an improved process.