Google Play store has been found to be the main distribution vector for malware on Android phones. Research conducted by NortonLifeLock and the IMDEA Software Institute in Madrid found that 67.2 percent of the malicious app installs came from Google Play. However, the researches pointed out that this was due to the huge volume of downloads from Google Play compared to other sources, and added that its defences do work, for the most part. The researchers recorded data from 7.9 million apps from 12 million Android devices over a four-month period between June and September, 2019. According to the researchers, third party app stores were only responsible for 10.4 percent of malicious app installs.
The research titled ‘How Did That Get In My Phone? Unwanted App Distribution on Android Devices’ has been published on SemanticsScholar website and shows the Google Play store is the primary source of malware installs on Android phones. The analysis includes data from 7.9 million apps from 12 million Android devices. It compares app downloads from the Play store, alternative markets, web browsers, from commercial PPI (pay-per-install) programs, from instant message, and seven other sources.
The Play store is the main aggregator of apps for Android devices and is home to countless apps and games. It was found that 87.2 percent of total app downloads on Android come from the Play store, but the sheer volume of downloads is also why 67.5 percent of installs for malicious apps come from it. The research states that the vector detection ratio (VDR) for the Play store is still the lowest compared to other sources of app installs.
“Its [Play store] VDR is only 0.6 percent, better than all other large distribution vectors. Thus, the Play market defenses against unwanted apps work, but still significant amounts of unwanted apps are able to bypass them, making it the main distribution vector for unwanted apps,” says the research.