Google Play store - The Virus Downloader

 We all are google play store everyday in order to download a lot of stuffs. But we are not just downloading apps and games but we are downloading malwares too.

Google Play store has been found to be the main distribution vector for malware on Android phones. Research conducted by Norton LifeLock and the IMDEA Software Institute in Madrid found that 67.2 percent of the malicious app installs came from Google Play. However, the researches pointed out that this was due to the huge volume of downloads from Google Play compared to other sources, and added that its defences do work, for the most part. The researchers recorded data from 7.9 million apps from 12 million Android devices over a four-month period between June and September, 2019. According to the researchers, third party app stores were only responsible for 10.4 percent of malicious app installs.


The research titled ‘How Did That Get In My Phone? Unwanted App Distribution on Android Devices' has been published on Semantics Scholar website and shows the Google Play store is the primary source of malware installs on Android phones. The analysis includes data from 7.9 million apps from 12 million Android devices. It compares app downloads from the Play store, alternative markets, web browsers, from commercial PPI (pay-per-install) programs, from instant message, and seven other sources.

The Play store is the main aggregator of apps for Android devices and is home to countless apps and games. It was found that 87.2 percent of total app downloads on Android come from the Play store, but the sheer volume of downloads is also why 67.5 percent of installs for malicious apps come from it. The research states that the vector detection ratio (VDR) for the Play store is still the lowest compared to other sources of app installs.

GOOGLE'S PLAY STORE for Android apps has never had a reputation for the strictest protections from malware. Shady adware and even banking trojans have managed over the years to repeatedly defy Google's security checks. Now security researchers have found what appears to be a more rare form of Android abuse: state-sponsored spies who repeatedly slipped their targeted hacking tools into the Play Store and onto victims' phones.

Interestingly, unofficial alternate markets that had a total of 5.7 percent downloads had just over 10 percent unwanted installs. Installs from backups account for 2 percent of the total installs and 4.8 percent were unwanted. Installs from package installers account for 0.7 percent of the total and are responsible for 10.5 percent unwanted installs.

It was also noted that between 10 and 24 percent of user devices come across at least one unwanted app. Lastly, the research points out that app distribution via commercial PPI services on Android is significantly lower compared to Windows.

At a remote virtual version of its annual Security Analyst Summit, researchers from the Russian security firm Kaspersky today plan to present research about a hacking campaign they call PhantomLance, in which spies hid malware in the Play Store to target users in Vietnam, Bangladesh, Indonesia, and India. Unlike most of the shady apps found in Play Store malware, Kaspersky's researchers say, PhantomLance's hackers apparently smuggled in data-stealing apps with the aim of infecting only some hundreds of users; the spy campaign likely sent links to the malicious apps to those targets via phishing emails. "In this case, the attackers used Google Play as a trusted source," says Kaspersky researcher Alexey Firsh. "You can deliver a link to this app, and the victim will trust it because it’s Google Play."


The Play store is the main aggregator of apps for Android devices and is home to countless apps and games. It was found that 87.2 percent of total app downloads on Android come from the Play store, but the sheer volume of downloads is also why 67.5 percent of installs for malicious apps come from it. The research states that the vector detection ratio (VDR) for the Play store is still the lowest compared to other sources of app installs.

“Its [Play store] VDR is only 0.6 percent, better than all other large distribution vectors. Thus, the Play market defenses against unwanted apps work, but still significant amounts of unwanted apps are able to bypass them, making it the main distribution vector for unwanted apps,” says the research.

Post a Comment

0 Comments