The Google Play Store has borne the brunt of recent reports of malicious apps prompting Android users to high-risk installations. And while there are more than 25,000 potentially dangerous apps in the store, it’s not the most dangerous place a user can visit right now. This honor belongs elsewhere.
The report in question is RiskIQ’s latest threat landscape, and it includes welcome security news for Google. “The number of blacklisted apps in the Play Store dropped 76.4% in 2019,” he said. An application is blacklisted when “at least one supplier has reported the file as suspicious or malicious”.
The US tech giant has launched several initiatives to reduce risk, but dangerous apps are still creeping up on the net. That said, according to RiskIQ, there were still those 25,647 blacklisted apps on the Play Store in 2o19 – alarming, yes, but down from 108,000 the year before.
There are often links to China with Play Store apps which are identified as unsafe and unwanted. And China ranks first in the RiskIQ report: with 40% of application spending, “China remains the largest application market,” an ecosystem that goes far beyond official stores. “The top three most prolific app stores in 2019 were Chinese, ahead of Google and Apple.” In fact, China’s largest app store, ApkGK, accounted for more than double the number of new apps like the Play Store.
All in all, it is not surprising that the four most dangerous application stores (by concentration of malicious applications) are all Chinese: 9Game, VmallApps, Xiamoi and Zhushou. And 9Game leads the way overall – RiskIQ cautions that it is the most dangerous of all app stores, with an impressive 61,669 blacklisted apps.
What about Apple? Well, Risk IQ notes that “Apple treats its App Store like Fort Knox and rarely hosts dangerous apps.” The company and its iOS operating system have not been without challenges over the past year, but its rigorous controls and improved filtering have maintained its market-leading security record.
Google has stepped up its campaign to control Android and the Play Store more effectively in the past 12 months. The Defense Alliance App has launched a collaborative effort with external security researchers to better understand the state of current malware threats, and AI is used on the developer platform to advise (although not yet mandate) on the access requested by applications to users’ devices.
RiskIQ reports that more than 200 billion apps were downloaded in 2019, with users around the world spending an impressive $ 120 billion in the process. The good news is that while the number of apps increased last year, up 18%, the number of apps on the blacklist dropped sharply, down 20%. But to put that into context, there were still 170,000 blacklisted apps, although 213,000 in 2018.