In its fifth annual Android security and privacy report, Google said there has been an increase in “potentially harmful applications” (PHAs) since 2017. However, the company said that the “overall health of the Android ecosystem” has improved.
Google said the percentage of PHAs downloaded from Google Play increased from 0.02 percent in 2017 to 0.04 percent in 2018, which it attributed to the fact that it now includes click fraud in the PHA category.
“This increase is due to the change in methodology of upgrading the severity level of click fraud applications from policy violations to PHAs,” Google said in the report. The 2018 figure would fall to 0.017-percent if click fraud had been omitted.
"If we remove the numbers for click fraud from these stats, the data shows that PHAs on Google Play declined by 31 percent year-over-year," the report said.
Combating malicious apps
Google has said that it’s continuing to make improvements in its ability to keep malicious apps from infiltrating its Play Store. The tech giant’s past efforts to keep out bad apps have included debuting Google Play Protect in 2017, an AI-driven feature which is able to scan over 50 billion apps daily.
But despite its efforts, problematic apps have still been able to enter Google’s Play Store. Just last month, a security research team discovered that more than 200 apps on the Play Store were spreading adware codenamed "SimBad." Google pulled the infected apps, but the apps had already been downloaded 150 million times.
In February, Google said it had fixed vulnerabilities in more than 75,000 apps in 2018, up 70 percent from 2016. The company added that it was able to remove 99 percent of harmful apps before they had been installed.
In its year-in-review Android security report, Google was optimistic about its 2018 figures.
“In 2018, the ratio of PHA installs to total installs decreased by roughly 38% from the previous year, so the overall health of the Android ecosystem improved,” the company stated.
“In 2018, 0.92% of sideloaded apps were PHAs, compared to 1.48% in 2017. In context, this positive downward trend doesn’t include pre-installed apps. Nevertheless, with the exception of the top PHA category (backdoors) and the new category (click fraud), all PHA categories saw strong declines outside Google Play,” the report said.