Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

High-Risk Mobile Applications Thrived in App Markets in Late 2012

The number of high-risk apps in Google Android app stores jumped by 43.2 percent in the fourth quarter of 2012, with users in the U.S. having an average of 1.1 risky programs per device, according to a report by TrustGo Mobile.

The number of high-risk apps in Google Android app stores jumped by 43.2 percent in the fourth quarter of 2012, with users in the U.S. having an average of 1.1 risky programs per device, according to a report by TrustGo Mobile.

In a new report, the firm analyzed 2.27 million applications found on 187 Android marketplaces worldwide. According to TrustGo, more than 1 in 5 applications (21.1 percent) available worldwide have high-risk code that can compromise users’ personal data. Overall, the number of apps categorized by TrustGo as high-risk – not necessarily malicious – increased to 511,043 from 356,675 between the third and fourth quarters of last year.

“High-risk code is most often the result of unsafe and aggressive adware and ad networks,” explained Jeff Becker, head of marketing at TrustGo. “These networks may collect private user data such as phone number and device ID and transmit it to  third parties who use it for unscrupulous notifications – e.g. those that look like system updates – or leverage unnecessary permissions that allow aggressive tactics such as modifying browser homepage, or put unwanted icons and apps on the device.”

Many of the riskiest applications are games, according to the firm. Worldwide, more than 178,000 game applications have the high risk security rating – representing 44.5 percent of all such apps, according to the company.

The most risky marketplaces are China-based, with an average of 39.2 percent of apps flagged as malicious, high risk or “noisy”, with noisy meaning they have the potential to annoy users with excessive notifications or advertisements. The riskiest major app market in China is the Anzhi marketplace, where 77.6 percent of all apps were classified by the firm as posing some risk to users.

The title of safest marketplace went to Aproov in Europe, which had just two percent of apps classified as malicious, high risk or noisy. Amazon was ranked the fourth safest, while Europe-based Handster and China-based D.cn ranked second and third, respectively. 

Google Play, which has a security mechanism known as Bouncer to police the marketplace for malicious applications, was ranked fifth safest, with 8.4 percent of apps being considered risky.

The report from TrustGo comes after research from Kaspersky Lab released in November revealed that 28 percent of all mobile devices attacked by malware in the third quarter of 2012 were running Android OS version 2.3.6, known as ‘Gingerbread’.

When it comes to what’s on users’ devices, TrustGo found that mobile users in India were at the most risk. On average, those users have three high-risk applications on their devices. Chinese users had the second most, with 2.4 per device. The lowest amount was in Japan, where there were .8 high-risk apps per device. 

“Malware continues to be a problem around the world, but the real growth is happening in a category of apps we call ‘High Risk’,” said Xuyang Li, founder and CEO of TrustGo, in a statement. “These apps do not include malware in the conventional sense, but they are capable of a wide variety of behaviors that put users in danger.”

Written By

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Chinese tech giant Huawei patched nearly 300 vulnerabilities in its HarmonyOS operating system in 2022.