Threat Report Ranks Google Play Store As Second Most Dangerous Place To Download Apps

As with many things in life, when it comes to mobile app security, you win some and you lose some. So it goes for Google and its Play Store. A new 2019 Mobile App Thread Landscape Report put together by RiskIQ pegs the Play Store as being the second most dangerous place to download apps, in terms of the number of malicious apps that were hosted last year. At the same time, the Play Store showed a big decline in malicious apps in 2019.

This is somewhat of an important ranking, considering that users downloaded over 200 billion apps in 2019, and spent more than $120 billion in app stores around the world, according the report. Looking ahead, the RiskIQ expects both figures to be even higher for 2020, with the firm noting users spend 3.7 hours on average (and rising) on apps.

One especially troubling trend the firm noticed was the prominence of so-called rogue apps. These are apps that mimic well-known brands and are designed to trick users into downloading them.

"On rare occasions, these rogue apps appear in official stores, even breaching the robust defenses of the Google Play and the Apple App stores. However, there are hundreds of less reputable app stores that represent a murky mobile underworld that exists outside of the relative safety of reputable stores," RiskIQ says.

Malicious Apps
Source: RiskIQ

When casting a wider net, RiskIQ identified as having the most malicious apps last year, with 61,699 of them. Google Play came in a distant second at 25,647. That's still a disturbingly high number for a trusted app store, though to Google's credit, that figure is 76 percent lower than it was the year before.

Google also hosts a ton of apps. If looking at the highest concentration of malicious apps, the top 5 offending hosts include, Feral apps, VmallApps. Xiaomi, and Zhushou. These are the app stores users are most likely to download a malware-laden application for Android.

"Users should be discerning and skeptical when downloading anything and have passive protection such as legitimate antivirus software along with regular backups. Although they cannot make up for preventative measures such as checking permissions, anti-malware products provide some protection from malicious code," RiskIQ says.

Apple's App Store is not mentioned anywhere in the report, which is a good sign for iOS users. As far as app uploads go, Google ranked No. 4 with 714,678 new apps in 2019, while the App Store ranked No. 5 with 456,676 new apps.