Filed Under: Sticky
June 22, 2010

SMobile has published two previous whitepapers on the Android Market that have documented specific types of malicious applications and threats.  In this new whitepaper, SMobile has taken a more inclusive look at over 48,000 applications in the Android Market for applications that, based upon permissions and other attributes, could be considered malicious or suspicious.  This is the most comprehensive security analysis to date of the Android Market and has yielded staggering results.

pdfAnalysis of Android Market

Update: SMobile stands by the data unearthed in our study of the Android market. The key findings remain that thousands of applications available on this market are granted permissions that have the potential of placing the mobile device, sensitive user data and carrier networks at risk. SMobile has acknowledged and referenced four separate times in the whitepaper report that the Android Operating System and Android Market prompt users for permissions upon installation of applications.

Notwithstanding, the risk resides around the fact that users are not always knowledgeable enough to make decisions about the permissions they are allowing, nor do they take the time or give the proper credence to understand the implications. The most fundamental security concerns involving technology and the spread of Malware are around the poor decisions that humans make.

SMobile released the report with the goal of bringing to light that end-users need to make educated decisions regarding the applications they are installing and that they can use third-party security technology to assist in making these decisions. When a situation exists where applications categorized as “Entertainment”, “News and Weather”, “Sports” and “Comics” are granted permission to make phone calls without the user’s knowledge, it is the responsibility of SMobile to bring to the attention of the public that over-reaching permissions in the Market pose a tangible risk and ripe environment for exploitation. These findings do not, in any way, disparage the Android Operating System or the Android Market. To be clear, SMobile is not singling out a specific platform and has released several vulnerability studies in the past, looking across all smartphone operating systems. This study of the Android Market was simply the latest.