The security of devices that installed apps from outside of Google Play has improved however: In 2017, 0.82 percent of these devices were affected by PHAs.
The data also shows that newer versions of Android are less affected by PHAs.
“We attribute this to many factors, such as continued platform and API hardening, ongoing security updates, and app security and developer training to reduce apps’ access to sensitive data,” said Jason Woloz and Eugene Liderman of the Android Security & Privacy Team, in a post on Thursday. “In particular, newer Android versions—such as Nougat, Oreo and Pie—are more resilient to privilege escalation attacks that had previously allowed PHAs to gain persistence on devices and protect themselves against removal attempts.”
Geographically, PHA rates in the 10 largest Android markets have remained steady on average. However, some points stood out: India saw the most significant decline in PHAs present on devices, with the average rate of infection dropping by 34 percent. Indonesia, Mexico and Turkey also all saw a decline in the likelihood of PHAs being present on devices in the region. South Korea saw the lowest number of devices containing PHAs, with only 0.1 percent.
“Since 2017, we’ve reduced [the number of devices infected with PHAs] by expanding the auto-disable feature,” Woloz and Liderman noted. The auto-disable feature flags potential malware and requires user action to continue the installation. “While malware rates fluctuate from quarter to quarter, our metrics continue to show a consistent downward trend over time.”