8,400 new Android malware samples every day


The Android operating system clearly dominates the mobile market, with a share of around 72 percent. In Germany alone, around 67 percent of smartphone owners use a device with an Android operating system (source: Statcounter). G DATA security experts discovered over 750,000 new Android malware apps in the first quarter of 2017. That represents almost 8,400 new malware instances every day.

Following a new negative overall record of over 3.2 million new Android malware files in 2016, the year 2017 was off to a slower start in comparison with same quarter of the previous year. G DATA security experts counted 750,000 new malware files in the first quarter of 2017. The malware figures remained the same in the fourth quarter of 2016. The threat level for users with smartphones and tablets with an Android operating system remains high. In all, the G DATA security experts expect around 3.5 million new Android malware apps for 2017. 

Low distribution of Android 7

Security holes in the Android OS are nothing unusual, as with other operating systems and software. Numerous companies such as Microsoft, Adobe or Google are simply expected to regularly publish security updates for their software products at least once a month. Owners of Nexus or Pixel devices receive updates for these directly from Google.

2.3. - 2.3.7 ("Gingerbread")0,9%
4.0.3 - 4.0.4 ("Ice Cream Sandwich")0,9%
4.1.x - 4.3 ("Jelly Bean")10,1%
4.4 ("KitKat")20,0%
5.0 - 5.1 ("Lollipop")32,0%
6.0 ("Marshmallow")31,2%
7.0 - 7.1 ("Nougat")4,9%

Source: Google, Status April 2017

Only 4.9 percent of smartphone and tablet users have Android 7, which has been available since August 2016. 20 percent still use version 4.4, 32 percent version 5 and 31.2 percent Android 6.0. The problem is that third party providers do not adapt the new operating system for older devices ("older" in this case meaning one year or more). Sometimes, newer operating system updates are not published at all. Hence, in many cases it can take a long time before any updates are provided. That is, if they are provided at all.

When buying a mobile device, users cannot estimate how long updates will be provided for it. By comparison, the same basic Windows operating system is installed on every computer, so every user can be sure of receiving comprehensive security updates. It is also easier to estimate how long security updates for the respective operating system will be available. For example, Windows 10 will receive updates until October 2025.

However, in the mobile sector the need for timely updates is increasing. Security holes are not only a constant problem with Windows PCs - they have increased in significance in the mobile sector as well. With Stagefright, G DATA security experts have even analysed vulnerabilities of Android devices.

This situation is difficult for users to manage and represents a significant security risk.

What can users do to protect themselves?

A comprehensive security solution is becoming more and more important for smartphones and tablets. The security app should include a virus scanner that checks the mobile device for Trojans, viruses and other malware. Furthermore it should include surfing and phishing protection to secure users against dangerous emails and websites.

Similar to Windows PCs, keeping the operating system as well as any installed apps up-to-date is an essential step to enhance security: . Therefore using a current Android version is recommended. Many smartphone and tablet manufacturers launch a new top model every year. In addition, there is a wealth of mid-range and low budget devices. Unlike with Windows, it is not clear with third party providers at the time of purchasing for how long a smartphone will be provided with security updates.

The unclear update procedure with third party providers represents an unnecessary and avoidable security risk for users. Smartphones and tablets play an important role in everyday private and working life. Comprehensive security is especially important for banking and shopping via mobile devices. But it is also essential for companies to ensure that smartphones and tablets that are used for business purposes always get the latest security updates. An open security hole that attackers can exploit can lead to enormous commercial damage.

The problem with the spread of new Android versions and patches is that the release and development chain of special versions for manufacturers and their products is too long. Even if Google provides a patch, third-party vendors will have to adapt it so their partners (e.g. like mobile carriers) can adapt it. This either takes ages to complete or fails completely. In order to implement a more rapid and cross-manufacturer update, especially with Android, it is important to change the way of thinking. To ensure faster updating for Android, it is important that providers have a rethink.