Based on telemetry data given by NortonLifeLock, researchers thoroughly analyzed the sources through which users installed apps on nearly 12 million Android devices in a span of four months between June and September of 2019.
Looking at the total further, then researchers checked 34 million APK (Android application) installs for 7.9 million unique apps. The results came out in the form of different classifications of Android malware and 10%-24% of the apps were either estimated to be malicious or unwanted.
While the researchers dived deep into “who-installs-who relationships between installers and child apps” to identify the path of the malicious apps, they found out 12 major categories that are listed below.
Much to one’s surprise, the research showed that 67% of the malicious app installs came into the phone through Google Play Store. Only 10% came via alternative markets which now proves this baseless assumption wrong that malware in Android phones usually come from third-party app stores.
However, with such a large number of malware emerging from Google Play Store, there was another surprising fact in the form of Play Store having a small threat-to-legitimate app install ratio (VDR) with only 0.6%. This means that while much of the defenses set on Play Store for unwanted apps work really fine, some still manage to slip through the cracks.
In most cases, the sheer number gets ignored and the VDR index turns out to be a primary indicator for maliciousness, which then also led researchers to the widespread misconception that users download malware by opening certain web pages or through alternative markets.