More than 700,000 malicious Android apps wreak havoc on the web

Malicious apps, some of which can be found on the Google Play Store, could steal your personal information.

A quarterly report released by internet security giant Trend Micro recently has found a huge surge in the number of Android malicious apps around the web.

According to the report, the amount of high-risk apps has now reached more than 700,000, up from 509,000 in the previous quarter. This could be worrying for Android users as it is believed up to 99% of devices are at risk of being infected.

The majority of these malicious apps are disguised as popular apps, but contain malware that could see victims subscribe to costly servicesFAKEBANK is a common and prominent malware that does just this. By spoofing "legitimate apps", it creates shortcuts to mobile banking programsJohnathan Leopando, of Trend Micro, says infected users may then be at risk of entering their banking details into a malicious app.

"Once on the device, they can behave in the way that any malicious app would, except the user would think they were a completely legitimate app. For example, a modified/Trojanized app for a bank would continue to work for the user, but the credentials would have been sent to an attacker".

Those from economically developed countries were found to be at greater risk with Vietnam, Brazil and Burma downloading the most malicious apps. This may be due to a desire to acquire applications for a cheaper price.

Although this report could have been released by Trend Micro in an attempt to self-promote their security programs, it is advised that mobile owners should invest an anti-virus for safe measure.

Android users are also advised not to download a dodgy version of Facebook with 1,000+ downloads with a one star rating. Otherwise, you can kiss your University funds goodbye.

Source: Trend Micro | Image: Dottech

Neowin Live - This event has concluded

Report a problem with article
Previous Story

Microsoft offers deep price cuts on Xbox 360 games

Next Story

Buffalo, NY getting Microsoft Store; Orlando, FL to get second location

118 Comments

Commenting is disabled on this article.

Amazing how people still think ios has no malware the only problem is that the malware doesn't affect the device it's self it actually rides inside the ios and when connected to a computer it infects it. No Os is safe from Malware. With that said I've never had a malicious app on any of my Android devices. Who on earth is stupid enough to download an dodgy version of Facebook when the real Facebook app is free anyway.

Just because some antivirus company, which makes their money off of spreading fear, doesn't make it the truth.

In fact I have seen plenty of rumors of the viruses being spread by the antivirus companies themselves. Its to their benefit to instill fear.

This is something we all didn't know would be coming about? If you didn't, you shouldn't have a phone!

Basically,
A pretty stupid article, to have to even mention this! Also, anyone putting their faith in an app just because it's from Google, should have their head examined!

I searched the above .pdf for the word 'play/store', and it's not mentioned once! In fact i'm yet to see a truly malicious app on Playstore.

spUrr said,
I searched the above .pdf for the word 'play/store', and it's not mentioned once! In fact i'm yet to see a truly malicious app on Playstore.

I haven't either, I keep seeing this news stories about malware and Play Store...but don't see the actual malware on the store.

I've seen plenty of junk apps that infest the phone with ads everywhere. track their every move and phones it all home.
Even had one or 2 myself when I had an HTC for a few months it's not all that obvious all the time. Specially if you download some games or things regularly.
And I aint the only one in my surroundings by far that had these issues.

But do a simple google search about this advertisement/tracking infestations on people's phones...
Keep ignoring it all, thanks to everyone giving Google a green go on keeping their system open and vulnerable, they won't be arsed to fix it.

The current play store is highly optimized to push Trojans.

If Google really wanted security, there are some simple steps they could take.
But don't hold your breath....

And yet, I have not seen one of these 700k malacious apps in hte Play store or anywhere else. Neither has the dozens of friends/family I know either. Which either means I have less idiots friends/family than most...or Google, and others, are quick and fast to remove them.

I wonder how many people who are saying "I hate android and the play store" uses XP or Windows 7. Heck, even Win8. Yes, I have seen malware in Win8...not via the app store tho.

Edited by techbeck, Aug 12 2013, 12:48pm :

I don't know if you've noticed but malware doesn't jump out of your phone and yell woogaboogoboo at you. It sits there quietly in the background and steals your life.

Keep up the good work. Support your local hacker.

Major_Plonquer said,
I don't know if you've noticed but malware doesn't jump out of your phone and yell woogaboogoboo at you. It sits there quietly in the background and steals your life.

Keep up the good work. Support your local hacker.

It doesnt take a rocket scientist to see what developers are legit, what are not, and what a fake app is. Also, there are scanners for Android phones just like the many scanners for Windows OS.

Brony said,
FUD in action. Sheesh.

How is it FUD exactly? Android malware has been well documented from numerous sources, never mind the unpatched vulnerabilities/flaws in the OS that make it easy to install. Unpleasant, sure, but FUD?

Max Norris said,

How is it FUD exactly? Android malware has been well documented from numerous sources, never mind the unpatched vulnerabilities/flaws in the OS that make it easy to install. Unpleasant, sure, but FUD?

Google patched the latest Nexus flaw rather quickly and send the update to OEMs right after. And Samsung, the biggest OEM, patched their devices. Well, their popular devices.

This is a reason I think the plain Nexus/Play store phones will start doing better over the gimmicky Samsung crap that gets released in many different models and only a few updated.

techbeck said,
Well, their popular devices.

Exactly, the majority of devices that are out there will never see this update and can still be tricked because it can't tell if an app has been tampered with. I'm not downplaying Google fixing the problem but that's still a very serious vulnerability that a lot of devices will never have fixed.

Max Norris said,

Exactly, the majority of devices that are out there will never see this update and can still be tricked because it can't tell if an app has been tampered with. I'm not downplaying Google fixing the problem but that's still a very serious vulnerability that a lot of devices will never have fixed.

I think the OP is wrong tho. 99 percent of devices are not infected. AT the start, yes...but lots of those were updated in the past couple of months.

Hope Google does well with the Moto X and starts releasing more phones. These will be among the fastest updated/patched devices out there.

Max Norris said,

How is it FUD exactly? Android malware has been well documented from numerous sources, never mind the unpatched vulnerabilities/flaws in the OS that make it easy to install. Unpleasant, sure, but FUD?

It's FUD because the reader is left with the impression that this malware is all over the Play store, when it has nothing at all to do with the Play store. These faked apps are almost always sideloaded by idiots trying to steal paid apps.

It's also FUD because many of that "700,000" will just be multiple fake versions of the SAME legit app; it's just creative counting.

FloatingFatMan said,
It's FUD because the reader is left with the impression that this malware is all over the Play store, when it has nothing at all to do with the Play store.

Well malware has been found in the Play store... but I'll agree to your point there, it is written a tad skewed, I see what you're getting at.

Max Norris said,

Well malware has been found in the Play store... but I'll agree to your point there, it is written a tad skewed, I see what you're getting at.

Sure. It would be dumb in the extreme to say there is NONE on the Play store. But there's very little, and it's removed as fast as it's reported.

FloatingFatMan said,

It's FUD because the reader is left with the impression that this malware is all over the Play store, when it has nothing at all to do with the Play store. These faked apps are almost always sideloaded by idiots trying to steal paid apps.

It's also FUD because many of that "700,000" will just be multiple fake versions of the SAME legit app; it's just creative counting.

Agreed

FloatingFatMan said,
as fast as it's reported.

Why does it require reporting.
Shouldn't be allowed in the first place.
Don't give me that Open bs. Google are not doing their due diligence for all the ad impressions they get from their partners customers, aka the public.

Even Apple don't catch everything, and that's -with- their paranoiac hyper-scrutiny of everything anyone submits to their walled garden store.

Androids openness is not BS either. The possibility of rogue applications is the price you pay for complete freedom of app and market choice, so it's very much relevant. Windows is a perfect example of that too.

Also, Google's app submission process is quite different to Apple's, so their due diligence has different conditions and cannot be compared to Apple's.

Not that much. I always refer to av-test.org as they show a good representation of what is currently the strongest AV software for a particular quarter.

I personally like Trend Micro, but it was one of the first AV I used that didn't bog down the system, like its competition used to do, Norton/Mcafee etc.
And it was one of the first AV's (if not the first) with a free web-based scanner \o/
The last version I used, the suite 2011 version IIRC, was great. It has some features I didn't find in other AV's.
For example, the instant-kill-all-trend-micro-processes feature is <3

Can't believe Google doesn't have any filters which can detect apps like this. Completely shocking.

Then MS get hate for not having virus'. Maybe because all apps are digitally signed so they can't be modified to include any foreign code? Less people use it, doesn't mean its still possible to get virus' on it. Haha the Linux crew used the same argument to defend their OS against virus'.

FloatingFatMan said,
Why would they need to? These "700,000" apps were /not/ on the Play store, which has very little malware on it, and it's removed as fast as its found.


Ah right, my mis-understanding then. Well why is this news if you've got to browse to some dodgy site to get these on your phone?

JonnyLH said,

Ah right, my mis-understanding then. Well why is this news if you've got to browse to some dodgy site to get these on your phone?

It's "news" because it's a FUD article attempting to make Android look bad in the face of the competition.

Just because it doesn't mention the playstore, doesn't mean NONE of this has come through the Playstore.
Read up, some people have those apps which infect the system with ads and junk. This is very common

But hey, its all OKAY cause this is Google and not Apple/Microsoft...

http://www.appbrain.com/stats/number-of-android-apps

Android is open, iOS is not (as well all know and has been stated lots of times). With freedom comes those who wish to deceive and defraud. That's just a fact of life. It's the same with say kids toys; there are some good quality toys which are safe, last for a reasonable amount of time but are expensive (comparatively). Then you have your unsafe non-CE marked toys for 50p off the market that contain lead paint and has small parts which can be swallowed by an innocent child. As parents we have to make choices about the toys we buy for our kids; as adults we need to make informed decisions about which apps to download and install onto our Android devices. At least we have Lookout to warn us when we buy the 50p toy.

I hate the Play Store.

I was at a LAN party a month ago and we decided to do a spontaneous quiz we found online.

As we're geeky, we decided to download a buzzer app for our phones to use when we want to guess an answer.

Us Android users downloaded the first app, which was a simple app (just a big red button in the center of the screen - perfect!) with average reviews and no hints of negative issues. When we installed it, it automatically created advert icons all over the Android system (app drawer, home screen, notification center etc.)! To make it worse, the app itself didn't work as intended. Uninstalling the app, of course, didn't remove the junk it created

The iOS users downloaded one and had no issues at all.

Very frustrating...

King Mustard said,
I hate the Play Store.

I was at a LAN party a month ago and we decided to do a spontaneous quiz we found online.

As we're geeky, we decided to download a buzzer app for our phones to use when we want to guess an answer.

Us Android users downloaded the first app, which was a simple app (just a big red button in the center of the screen - perfect!) with average reviews and no hints of negative issues. When we installed it, it automatically created advert icons all over the Android system (app drawer, home screen, notification center etc.)! To make it worse, the app itself didn't work as intended. Uninstalling the app, of course, didn't remove the junk it created

The iOS users downloaded one and had no issues at all.

Very frustrating...


It doesn't make sense at all that after removing the app it stayed in the app drawer, notifications..etc. It's not possible.

Mamoun said,

It doesn't make sense at all that after removing the app it stayed in the app drawer, notifications..etc. It's not possible.

The app itself went, but not the extra junk icons it created.

Heh the 1st four hits I get on playstore for buzzer actually all work. I'd would've recommended the one with 50,000 downloads, or for simplicity the one @ 87.87kb. Especially any where the dev responds to user comments is usually a solid app.

Well, this is one of the worst articles there is. Have you even read the source? Nowhere does it mention the Play Store.

They're not talking about apps in the Play Store, they're talking about apps just floating around the web as APK files. The amount of malware in the Play Store is actually pretty low.

Ambroos said,
Well, this is one of the worst articles there is. Have you even read the source? Nowhere does it mention the Play Store.

They're not talking about apps in the Play Store, they're talking about apps just floating around the web as APK files. The amount of malware in the Play Store is actually pretty low.

You are partially correct.

True there are very few currently available in the Play Store; however, most of these have been available on the Play Store and pulled.

So you cannot just blindly trust the Play Store.

There are a lot of Android malware entry points.

For example, developers can release a non-malware version of a 1.x version of their App, and supply a malware filled version 1.1 and users that have it set to auto-update will get the malware.


Well there's a difference between malware and apps that just have all permissions set by default and fill your phone up with ads. As a user it is your responsibility to check app permissions at install. Updates cannot add permissions without explicit user confirmation.

Ambroos said,
Well there's a difference between malware and apps that just have all permissions set by default and fill your phone up with ads. As a user it is your responsibility to check app permissions at install. Updates cannot add permissions without explicit user confirmation.

That was just one simple example. Sadly malware is far more rampant than Android users would ever suspect.

With regard to this simple example, if an update based attack was the intent of the developer, their App would focus on the specific permission they need opened, and then add the exploit later on.

People..people... its 700,000 found AND REMOVED from the play store over that period of time. It's not 2/3 apps being malicious etc. They don't just stay there is they can cause issues for users and have been reported.

Also, looks like people missed "Although this report could have been released by Trend Micro in an attempt to self-promote their security programs, it is advised that mobile owners should invest an anti-virus for safe measure."

Yup. There are alot of false numbers floating around and it is sometimes hard to know who to trust when it comes to real numbers for security issues. Many times the numbers are fudged a bit in order to push their own agenda.

Exactly but it doesn't change the fact that if you own an Android device you should disable sideloading and have some form of anti malware installed ;-)

billstelling said,
Funny, if it was MS there would be 100 flaming posts here already.. I guess Google gets a pass from the Win haters..

Grunt's post from above^^

billstelling said,
Funny, if it was MS there would be 100 flaming posts here already.. I guess Google gets a pass from the Win haters..

Problem is MS has this problem too but noone targets it because noone (1% does not really count as a target audience) uses Windows Phone.

PeterF said,
Oh please stop repeating that Windows Phone has no users, I'm almost starting to believe you /s

Its true. It has 1% compared to Android and iOS. Hell, technically even BlackBerry OS has more market share...

billstelling said,
Funny, if it was MS there would be 100 flaming posts here already.. I guess Google gets a pass from the Win haters..

Why should they get flamed? For what? That people are stupid enough to sideload apps which has the requirements "Send SMS/MMS". Also it's not 700,000 in the play store, it's 700,000 found around the web. The paper never mentions the Play Store.

neohelp said,
Problem is MS has this problem too but noone targets it because noone (1% does not really count as a target audience) uses Windows Phone.

Oh stop spouting anti-MS bull****. If you read market share figures from a reputable source you would see that Windows Phone was the only OS to see significant growth to 3% worldwide market share. BlackBerry actually lost market share.

More to the point when was this article ever about Microsoft, it's about malicious Android apps around the web. But I guess WP haters like you will use any excuse to bash it!!!!!!

neohelp said,

Its true. It has 1% compared to Android and iOS. Hell, technically even BlackBerry OS has more market share...

Uh, Windows Phone has surpassed BB OS in market share months ago. In various markets like Russia Windows Phone goes up to 20%. It's growing everyday.

The only market that Windows Phone has trouble getting into is North America. I guess websites like the Verge giving the Windows Phone ecosystem a 5 in 2013 are following their agenda. I wonder if Windows Phone also had 700.000 malicious apps they would increase the score, since it's clear they care so much about quantity.

billstelling said,
Funny, if it was MS there would be 100 flaming posts here already.. I guess Google gets a pass from the Win haters..

I guess you missed the GSPAM posts and a few other posts where people ragged on Google.

neohelp said,

Its true. It has 1% compared to Android and iOS. Hell, technically even BlackBerry OS has more market share...

That would have been true a year ago. There's over a dozen markets where WP has >10% market share, some of those markets >20%. Blackberry is a distant third now.

The only market where WP8 isn't doing well is the US market, which is no longer the most important market.

neohelp said,

Its true. It has 1% compared to Android and iOS. Hell, technically even BlackBerry OS has more market share...

Stop spreading misinformation.
over 20% in certain asian markets with double digit share in other non-American markets is hardly no one.

Technically, BB is out of the race with their only customer being Canadian Telcos and US DoD. Other carriers are switching to Windows phone for corporate use. While the rest of you are salivating over the next iThingy or Samsung Galaxy blarg, Windows Phone is hard at work becoming the next enterprise defacto-standard.
77% YoY growth for the platform is significant. Windows Phone will take over, especially when Enterprises that actually care about security should NEVER allow Android to exist in their BYOD scenario.

Grunt said,
Just goes to show the Windows Phone is the most secure. It's not even got 700,000 apps

3 out of 4 apps are malicious? Jesus.

This is one of the reasons I'm nervous about my 66 year old mother having an Android. I'd much rather her have an iPhone or Windows Phone

Chikairo said,
This is one of the reasons I'm nervous about my 66 year old mother having an Android. I'd much rather her have an iPhone or Windows Phone

Same thing happens on iOS. Doesnt happen on Windows Phone because almost noone uses it.

neohelp said,

Same thing happens on iOS. Doesnt happen on Windows Phone because almost noone uses it.
Noonie, eh? I guess I'm noonie.

Mulsivaas said,
Noonie, eh? I guess I'm noonie.

Yes, you are ALMOST noone. 1% of the malware mobile target audience. Noone really cares about Windows Phone.

neohelp said,

Yes, you are ALMOST noone. 1% of the malware mobile target audience. Noone really cares about Windows Phone.

3.7% ...! and growing!

However still not a huge market and thus not a very good target for malware.

neohelp said,

Yes, you are ALMOST noone. 1% of the malware mobile target audience. Noone really cares about Windows Phone.

I would rather be no one and not affected by malwares.

neohelp said,

Yes, you are ALMOST noone. 1% of the malware mobile target audience. Noone really cares about Windows Phone.

Yes and that's the exact same reason why Linux is 'secure' and all their fanboys call it the most secure OS in the history of the universe.

But when its about Windows, you get these arguments "no one really cares".

*sighs* double standards of some people, grow up already.

Kenman said,
not a very good target for malware.

Target nothing.
Microsoft's App submission process puts apps under more scrutiny than even iOS.
Good luck getting malware past Microsoft's automated vetting process.

neohelp said,

Yes, you are ALMOST noone. 1% of the malware mobile target audience. Noone really cares about Windows Phone.

Actually it is 3% of smartphone users.

There is also a fundamental difference in how Apps run on WP that makes most types of malware inert.

Even if a malicious App was to get through Microsoft's testing to be listed on the Windows Store, what the App can do or gain access to is significantly limited compared to iOS or Android. WP has a true isolation model.

Is WP 100% malware proof, nope. However it is far more secure than any general use OS platform.

(Microsoft almost crippled themselves with too much security with WP7, which is why WP8's framework is what opened the door for the surge in Apps in the last six months, as it offers new APIs and native code along with less managed DirectX access.)

neohelp said,

Same thing happens on iOS. Doesnt happen on Windows Phone because almost noone uses it.
Amusingly enough, I'm a Windows Phone owner

Her games are more on iOS, though. Darn Candy Crush has its clutches in her

So you cannot make the difference between real app and fake one? The go back to the apple store where everything is monitored by big brother apple...

DaveBG said,
So you cannot make the difference between real app and fake one? The go back to the apple store where everything is monitored by big brother apple...

It's very often impossible to detect looking at the the Play Store itself.

Not that we should have to detect anything in the first place...

King Mustard said,

It's very often impossible to detect looking at the the Play Store itself.

No, it isn't. There is always some kind of giveaway and the big one is permissions. If you install a free game that usually costs money and suddenly get a very high phone bill it's your own fault that you glossed over the permissions that give the app access to make phone calls. I would put this in the same realm as giving an app administrative permissions on Windows with UAC because you wanted free coupons.

King Mustard said,

Not that we should have to detect anything in the first place...

And this mentality is exactly what malware feeds off of. You're never safe from it and should always be on the lookout no matter what platform you are on because none of them are rock solid when it comes to security.

DaveBG said,
So you cannot make the difference between real app and fake one? The go back to the apple store where everything is monitored by big brother apple...

I'm far from technologically challenged like the vast majority of people/users.
But when I checked the Playstore some time ago, it's not always easy to distinguish legit from fake. Since you constantly encounter weird 'company names' in the stores, simple apps and what not. And the average joe not really caring since his IT buddies told him Android is perfect and safe.

contriver87 said,

No, it isn't. There is always some kind of giveaway and the big one is permissions. If you install a free game that usually costs money and suddenly get a very high phone bill it's your own fault that you glossed over the permissions that give the app access to make phone calls. I would put this in the same realm as giving an app administrative permissions on Windows with UAC because you wanted free coupons.

And this mentality is exactly what malware feeds off of. You're never safe from it and should always be on the lookout no matter what platform you are on because none of them are rock solid when it comes to security.


You never have to read permissions when downloading an app on the App Store. The way it should be.

Studio384 said,
700.000 of the 900.000 apps? Wow, that is realy bad.

Whats sad is people cannot read. It is not 700k out of 900k apps. It is 700k found and or removed in the last quarter. So no, 700k apps currently in the app store are not malicious.

techbeck said,

Whats sad is people cannot read. It is not 700k out of 900k apps. It is 700k found and or removed in the last quarter. So no, 700k apps currently in the app store are not malicious.

No matter how you explain it, 700k is terrifying.

Use something safe and restricted if you can't handle the freedom, or install software that will protect you from making bad decisions.

Well, it goes to show just how much Google cares about it's users.. iOS users don't seem to have that problem as bad as Google.

Apple kicks back apps and removes apps over little minor things or even non-issues as well. They also walled garden their entire OS platform which prevents you from installing non-endorsed apps. Something that Android does allow.

shinji257 said,
Apple kicks back apps and removes apps over little minor things or even non-issues as well. They also walled garden their entire OS platform which prevents you from installing non-endorsed apps. Something that Android does allow.

I use iOS and I have yet to find the desire to install a non-endorsed app.

If the app isnt available because the developers chose not to release it for iOS, that's one thing. But I've never had the need to sideload anything.

I'll be moving over to WP8 soon, and I feel the same way. The difference there will be that their app store is tiny in comparison and quality to Apple's.

shinji257 said,
Apple kicks back apps and removes apps over little minor things or even non-issues as well. They also walled garden their entire OS platform which prevents you from installing non-endorsed apps. Something that Android does allow.

And?
Walled garden is perfect for the majority of people. Look at the malware 700k on ANDROID.
If WP8 will get 1 or 2 malware apps through its store, want to guess what will happen? People will scream fire and burn MS to the ground.

Walled garden has its down sides, but so does the open nature of Android obviously. And I'd personally pick walled. And suggest people to go with the closed down systems of iOS or WP8/RT. Anyone suggesting people (average joe's) otherwise, should reread this article and Google/Bing for previous malware issues on Android.

Yeah, I think Apple have had only a couple slips throughout their entire duration with the app store? That's pretty impressive in that regard. That doesn't mean all the apps are great or anything, but I actually enjoy some of the quality control they have going on there.

I say this as a techy who still loves the things Android offers in that regard; majority rules after all.

dead.cell said,
Yeah, I think Apple have had only a couple slips throughout their entire duration with the app store? That's pretty impressive in that regard. That doesn't mean all the apps are great or anything, but I actually enjoy some of the quality control they have going on there.

I say this as a techy who still loves the things Android offers in that regard; majority rules after all.

Shadowzz said,

And?
Walled garden is perfect for the majority of people. Look at the malware 700k on ANDROID.
If WP8 will get 1 or 2 malware apps through its store, want to guess what will happen? People will scream fire and burn MS to the ground.

Walled garden has its down sides, but so does the open nature of Android obviously. And I'd personally pick walled. And suggest people to go with the closed down systems of iOS or WP8/RT. Anyone suggesting people (average joe's) otherwise, should reread this article and Google/Bing for previous malware issues on Android.

That's not exactly what I meant. They have kicked back perfectly legitimate apps that were approved to the app store previously. They do it for unknown reasons sometimes and in some incidents the devs have to fight pretty hard to fine out just why their app was removed when they tried to fix a bug with it.

@Shadowzz that's 700k over the lifetime of the market. Definitely not in one go.

Lifetime or not, if MS would have 1 single malicious app for WP8 in its store, you can imagine the uproar this will cause here on Neowin and the rest of the internet right? MS will get the full frontal assault of pretty much everyone.

And its their appstore, they can decice what gets allowed and what doesn't, I personally rather have them stricter as Apple or MS (preferably a middle-way or something)... compared to Android, where junk continuously gets approved for the Playstore.

Haven't we been over this?
I'm sorry, but if you're silly enough to install "My hot pic.jpg.apk", it doesn't matter where it's from, you're going to have a problem...

Raa said,
Haven't we been over this?
I'm sorry, but if you're silly enough to install "My hot pic.jpg.apk", it doesn't matter where it's from, you're going to have a problem...

Hopefully most people are smarter than that, but the problem is that way too many people are in denial that Android has a malware problem. Knowing is half the battle, right?

I've brought up the malware issue in various discussions around here, and people are baffled that I would say such a thing. Google doesn't need to become as walled-off as Apple, but they should really do more about this problem. If we can easily detect what's shady, they should be able to as well.

Haha, people opened up "my hot pic.jpg.exe" on MSN, Skype and other programs before
Nothing new, won't stop either.

And I've also had some conversations with people thinking mobile phones are "safe and secure".
Funny, several people around me, do all their banking on their phone. Transferring money, getting the confirmation code sms text... all on 1 phone. And worst, its often Android
And when I tell em I don't do banking on my phone and have my confirmation texts send to my old Nokia, they think I'm insane
I know WP8 is secure enough to not have to worry about issues. But that's only currently. Who knows what exploits are already out there or will come around in the future.....
And those people that keep wondering why telemarketers call them, while they download free app after free app, which cancels any subscription to the dutch IVR (BMNR) system

People are dumb, they truly are, and need to be protected from eachother, it makes my crinche if so called IT dudes keep suggestion people to go Android, and not worry about security and telling them they can do their banking all on their phone without any issues....
Yeah right, the phone doesn't have to be secure for jerks to abuse this. Setting up a broadcasting tower is easy, for 150euro you have a mini-tower in your home people will unnoticeably use

"So you are browsing through the Play Store and you find a cheaper, identical version of the app that you want to buy. " - Then you deserve to have your phone infected and bank details phished because you're a f'ing moron.

Until you acquire some common sense, give your phone to someone who has a clue.

The amount of people running windows vista/7/8 and still get the 'Microsoft Super Anti Virus Malware Detector 2015' popup in IE which is based off XP GUI and stick click 'yes' to download... The mind boggles

isn't that the point of the smartphones? to be user friendly and not require an IT degree to use.

It's one of the reasons why i recommend to people Windows Phones and iPhones as people shouldn't have to worry about what apps they are installing and using, this is just recreating the IT hell of the mid 2000's when every bit of crap virus / malware would infect computers everyday.

If someone was to install these apps elsewhere well thats there problem, but to get these from the official google store is not good enough. It seems that Google is sacrificing a high app count over security, perhaps new app submissions should be a little slower but checked a little more thoroughly.

Hope those whose bank passwords got stolen have 2 step authenticating system for internet transactions. That is getting a password on mobile before making payment.

Neobond said,
No but it's kind of sad that apps like this can be in the Play Store.

Same thing with Windows OS...well, Like XP and 7 which still widely used and will be for some time. They get infected more than any other OS.

What is sad is people still fall for this crap and lack common sense. Especially with all the info available to everyone on the internet.

REM2000 said,
isn't that the point of the smartphones? to be user friendly and not require an IT degree to use.

It's one of the reasons why i recommend to people Windows Phones and iPhones as people shouldn't have to worry about what apps they are installing and using, this is just recreating the IT hell of the mid 2000's when every bit of crap virus / malware would infect computers everyday.

If someone was to install these apps elsewhere well thats there problem, but to get these from the official google store is not good enough. It seems that Google is sacrificing a high app count over security, perhaps new app submissions should be a little slower but checked a little more thoroughly.

No that's not the point of a smartphone. A smartphone is intended to be a functional PC in your pocket. Whether or not it's easy to use is down to the OS maker. I think that Android, iOS and WP are all very easy to use, but of the three Android offers the greatest flexibility by supporting the largest number of customizations and the ability to sideload apps, which, as a side effect makes it a little more complex to use out of the box.

Androids flexibility however, comes with risks. This is much the same risk that as desktop OS has that allows users to install applications. If people are going to tick that "Allow packages from unknown sources" button, they should know the risks.

What IS unacceptable though is that Google allows this stuff through the official store. I appreciate that they are lenient on what can be added, as in many cases this allows Android to have apps that are not allowed on other platforms. They should be scanning these apps for malicious intent though. Trojans posing as legit apps absolutely should not be allowed.

techbeck said,

Same thing with Windows OS...well, Like XP and 7 which still widely used and will be for some time. They get infected more than any other OS.

Compare a phone OS to a phone OS. You don't see anything even remotely similar on Windows Phone or anywhere near the same extent on iOS. If you are comparing tablets, compare like with like again. You won't see any of this on Windows RT (or on iOS).

Don't excuse Android's failings by comparing it with a desktop operating system, particularly a 12 year old one.

K.John said,

Don't excuse Android's failings by comparing it with a desktop operating system, particularly a 12 year old one.

XP is old, 7 isnt that old, and I have seen malware on win8 as well. Point is, the problem exists else where and this is nothing new. And if people were educated and not doing stupid **** all the time, then this wouldnt be much of an issue. And these days, there is no excuse to not know the dos and dont of using computer equipment. Whether it be a smartphone, or a desktop system. You click on random links, download random apps (especially those not from an official source), you cannot just blame the platform you are using. Antivirus/antimalware will only do so much to protect a user and Google/MS can only do so much as well. Cannot protect fully against stupid.

Luckily non of my family has issues and a few of my friends only have minor problems. They know they can contact me if there are any questions/concerns and I personally have not had malware on any of my systems in over 15 years.

techbeck said,

Same thing with Windows OS...well, Like XP and 7 which still widely used and will be for some time. They get infected more than any other OS.

What is sad is people still fall for this crap and lack common sense. Especially with all the info available to everyone on the internet.

If you have access to all that information on the Internet you'd know that Windows 7 is one of the safest OSes ever. It's easier to infect a Mac than a W7 PC.

It's sad that people still fall for this crap.

techbeck said,

XP is old, 7 isnt that old, and I have seen malware on win8 as well. Point is, the problem exists else where and this is nothing new.

A phone is not a desktop. You are only taking this line of argument, whether intentional or not, because neither of the other 2 large phone platforms (or equivalent tablet platforms) have this issue. If Android was a desktop OS comparable in functionality with Windows, your argument would be sound, and specifically in that context.

techbeck said,

And if people were educated and not doing stupid **** all the time, then this wouldnt be much of an issue. And these days, there is no excuse to not know the dos and dont of using computer equipment. Whether it be a smartphone, or a desktop system. You click on random links, download random apps (especially those not from an official source), you cannot just blame the platform you are using. Antivirus/antimalware will only do so much to protect a user and Google/MS can only do so much as well.

So what you are saying is, people have to be educated about the dos and don'ts, etc. etc if they want to use Android. You and I know that's not going to happen anytime soon. You can sit around wasting time educating people and yet have them do everything you told them not to - my time is too valuable for that. How about the people who do not have someone like you or I in their lives? The answer to all these sets of people is simple. Just get a Windows Phone or an iPhone. (This is a logically sound statement, and not borne out of some misguided love for Windows Phone or iPhone)

techbeck said,

Cannot protect fully against stupid.

Really? A Windows Phone user cannot infect his phone even if he wanted (the underlying architecture is as such). An iOS user would have to try really really hard. On the other hand, even with my advanced technical knowledge, I couldn't guarantee an Android phone I'm using is fully secure. Also, I would hestitate very little about signing into my bank's site through the browser on any Windows Phone (even handed to me by a random person on the street). I would NEVER EVER do that with an Android phone. That says a lot about Android.

techbeck said,

Luckily non of my family has issues and a few of my friends only have minor problems. They know they can contact me if there are any questions/concerns and I personally have not had malware on any of my systems in over 15 years.

Yes, precisely, "Luckily". None of this is necessary with Windows Phone or even iOS. I don't have to think twice about whether my mother's Windows Phone is secure. And she nevers has any questions about its functionality either. To quote a cliche, it just works. Sure, several aspects of comparions between mobile platforms boil down to individual opinions but this is simply black and white. Your inclination to try to diminish this is just disingenuous. Android has several things going for it, but provable security is simply not one of them.