New Android security report is alarming, but not because of the amount of malware

BY GreenBot Staff

Published 5 May 2017

’re all used to hearing about how horrible malware is on Android, but a new report is the most disturbing yet. Security firm G Data is projecting that not only will new Android viruses exploits reach new heights in 2017, but a new one will be discovered once every 10 seconds. But before you toss your Android phone in the trash, let’s explore how bad it really is.

ile 8,400 malware discoveries every day is certainly alarming, it’s important to know that they’re not coming from the ay Store. There are millions of Android phones around the world that connect to their own dubious third-party app stores, millions more that side-load suspect apps to bypass paying for them through the ay Store, that’s where nearly all of the 3.5 million malware instances will come from this year.

But that’s not to say you’re completely in the clear. Android is the most popular mobile OS by a wide margin, with popularity comes malfeasance. Android will always be a target for hackers, as such, has taken great strides in Nougat Android O to limit the chance that your phone could get infected.

No Nougat

There’s just one problem: According to the May distribution numbers, just 7.1 percent of all Android phones are running Nougat, less than the 7.5 percent that were running Marshmallow at this time last year. That means they’re not only missing out on some great features, they’re also behind the times when it comes to security. Many of the phones bought last year will never get the latest update, even a br new flagship like the Galaxy S8 is still running an OS that’s several versions behind.

And while has set a new stard with monthly security updates that most manufacturers do a decent job with delivering, after a short while, those start lagging behind too. Even ’s devices have a pretty short expiration date of just two years for version updates three years for security patches, right on schedule, the Nexus 6 Nexus 9 are no longer being updated.

It’s one thing to withhold certain new features that the hardware can’t support, but security updates shouldn’t have such a short end-of-life date. Microsoft has vowed to support ndows 10 through 2025, but if you buy a xel today, you already know that it won’t get Android Q. And that means it won’t have the latest security measures to fend off future malware.

One step behind

Android O brings a pretty major change to how outside apps are installed. eviously you only needed to flip a single toggle to allow your phone to accept installation of apps from unknown sources, but with Android O, it’s on an app-by-app basis. So, if there’s a malicious app on your phone that’s trying to muck up your system, it won’t be able to inflict any damage unless you give it explicit permission.

roid o external apps

Android O makes you approve installations on an app-by-app basis, decreasing the likelihood of a malicious app.

But most phones will never see Android O, including the Nexus 6 Nexus 9 that were on sale just two years ago. is in a constant fight against malware on Android, but the struggle isn’t just against the attackers, it’s also over the delivery. Hackers love to target old exploits that people haven’t patched, more than 90 percent of Android phones are at risk just because Android N hasn’t reached them yet.

Better cooperation between its major OEMs is essential to ensure that as many phones as possible are kept up to date with security patches. Most of the 3.5 million instances of malware that crop up this year will never get close enough to infect your phones, but it only takes one. And while you can certainly protect yourself by staying away from unverified sources, there’s always the temptation to get that hot new app early or try out that cool A that won’t allow in the ay Store.

And it would be nice to know that there’s a proper line of defense in place in case one of them turns against us.