Trend Micro claims 1 in 10 Android apps are malware

Trend Micro has been very vocal about the state of Android malware in the past, claiming that there will be 1 million cases of Android malware in 2013, and now the security company is beginning to back these predictions up with facts. Out of 2 million applications scanned using the Mobile App Reputation Service, including the full catalog of apps available on the Play Store, they believe 1 in 10 apps are malware.

From over 2 million applications analyzed, Trend Micro found 293,091 of them to be outright malicious, while a further 150,203 were deemed to be "high risk", contributing to a grand total of 443,294 dodgy applications for the platform. Of the 293,091 malicious apps, 68,740 of them were sourced directly from the Google Play Store; as the Store currently has around 700,000 apps, that roughly equates to 1 in every 10 apps being malicious.

Aside from just malicious code, Trend Micro found 22% of apps inappropriately leaked user data, sending things such as IMEI numbers, ICCID numbers, contact data, telephone numbers and even microphone data over some sort of network. The security company also found a good 32% of apps were "Poor" in terms of battery usage, while 24% were poor in network usage, and 28% were poor in memory usage.

Trend Micro hopes that by releasing data such as this, people and companies will start to believe that the threat of malware on mobile devices is actually real. They close their blog post on the matter by saying "it would be heartening to see more app stores taking the safety of their customers so seriously", in reference to BlackBerry integrating Trend Micro technologies into their BlackBerry World.

Source: Trend Micro

Report a problem with article
Previous Story

Adobe Reader and Flash exploits found at Pwn2Own

Next Story

Apple offers up to $100 off products through "secret" eBay store

33 Comments

Commenting is disabled on this article.

rippleman said,
its funny to see all droidboys get defensive even if the story could be exaggerated

I can't stop laughing . Lol
Seriously it is funny to watch them . They are the first people to start name calling in apple topics lmao. Thank god my iPhone has nothing but 100% top Quialty apps

Nomenclature. Anything that requires Internet access for ads is adware - a subset of malware, in my book at least.

I knew that, just look at the permissions even the most simple app needs, not every app of the same type needs all those permissions, so use your brain and dont just blindly install every app you see without checking the permissions it needs. and read the user comments on said app.

Damn trendmicro, I have 40 apps downloaded on my phone not even one of them contain malware. Well **** I must be using the app store wrong.

you have another program that tells you you don't have malware, you can see everything that is being sent from your phone????.

I love all these fanboys saying they don't have anything on there phone, but what are they using to tell them they don't have anything.

korupt_one said,
you have another program that tells you you don't have malware, you can see everything that is being sent from your phone????.

I love all these fanboys saying they don't have anything on there phone, but what are they using to tell them they don't have anything.

I love all these ignorant Google bashers. You can see the app's permissions and what its using and you can see how much data/ when its sending data.

1 in 10 trendmicro detections are false positive. doesn't av-comparatives regularly rank trendmicro as one of the worst antivirus programs?

If Trend Micro says the truth, why they don't release a list with those apps?
It's true that some apps are malware but they do not reach 1 in 10

Trend micro doesnt need to download and install thousands of apps to come to thier conclusion, if you read the permissions most of those apps need, you can easily come to the same conclusion.

Nothing better was expected from Google. Used a sgs3 and started getting some really nasty mails on my Gmail account. Had to delete account, sold the Galaxy on eBay. Now happy with outlook.com and WP.

Must've downloaded hundreds of apps at this stage and i'd save i've only found 2 or 3 dodgy ones...

A lot more people are going to defend these intrusions of privacy and look the other way with malicious behavior now. A lot of people profit from data mining and ad revenue based software these days. Everyone and their mother are trying to get in on the app frenzy. What is acceptable today would have sounded absolutely preposterous to people in the past.

Hello,

As someone who works for a competitor of Trend Micro that also makes anti-malware software for Android (but I am personally more focused on the Windows ecosystem right now), I cannot say that I have any data which supports or refutes their claim of nearly 10% of Android apps in the Google Play store being capable of performing malicious behavior, but I would like to point out that Android-based software is largely supported by ad revenue; even more so than iOS.

As such, their claim does not surprise me, as so many Android apps collect data which can be used for targeting advertisements.

Regards,

Aryeh Goretsky


I see all the android fanboys come out when something is wrong and deny the whole thing and blame it on a antivirus company just wanting to push an app, but when ms is reported to have a virus the same cronies come out with guns blazing putting down windows left right and center. Grow up android is one of the most infected pieces of software that there ever was. Anyways android is starting there slow decline into the pit of hell now. When Samsung moves on it will be game over. China, the largest mobile market in the world wants business and consumers to start using something other than android. Android has the marketshare right now pretty much thanks to Samsung, once they go and china starts dropping android the OS has already begun its demise. live with it android fanboys.

korupt_one said,
Grow up android is one of the most infected pieces of software that there ever was.

Proof? I have yet to come across a single Android phone infected with anything. Maybe you should spend a little less time raging out about "fanboys" and a little more time educating yourself. Grow up indeed.

and how would you know that it is infected??? show me proof that 1 android phone is not infected. There have been a few articles now showing proof that android is indeed infected both google play( which google admitted) and 3rd part stores. so yes grow up indeed.

korupt_one said,
and how would you know that it is infected??? show me proof that 1 android phone is not infected. There have been a few articles now showing proof that android is indeed infected both google play( which google admitted) and 3rd part stores. so yes grow up indeed.

The claim is that Android is riddled with malware. It's not I who should be providing proof it isn't infected. But I suspected such a response. When you can prove the ridiculous claim that so many phones are infected, I'll take you more seriously. Until then, you're simply talking out of your ass.

TurboShrimp said,
android market is like the black market all the apps that IOS Rejected lol

AHAHAHAHAH DURRRRRRRRRR!!!!!!!!

TurboShrimp said,
android market is like the black market all the apps that IOS Rejected lol

Oh look, another sheltered iToot!

I bet you've searched for an "App" on the iOS AppStore telling you how many babies can you make with Apple's permission.

I'm not in to apps other than a few from trustworthy sources, like a bank (RBC), the weather network, and yellow pages. All I've ever used other than some that are already on the phones.

Their definition of 'rooter' seems to be complete FUD to me... So unless I'm just outdated, if they can't get the name right then I wouldn't trust their stats.

Hello,

What Trend Micro calls a 'rooter' I would call a 'bot,' but I am more focused on PC than mobile platform malware these days.

Regards,

Aryeh Goretsky

Yes exactly, 'rooting' is done on servers to advance from an unpriviledged user to the root account or 'rooting a phone' to unrestrict access in my mind.

Anti Virus company , finds malware and shouts about it !

Who'd have thought it ? lol.

But the stats backed with facts are alarming..

It shows the general trend of developers are 10% of them actually choosing android platform for dirty works

Mind you, being open source is never safe, as android may very soon turned into Windows story with such high amount of security threat to it..