If you’ve got an infected Android smartphone or tablet, you’re not alone.
But what if you’re one of millions who don’t have a functioning, working smartphone or computer?
A new study from the University of Minnesota reveals that the vast majority of users still have the malware embedded in their devices, despite recent advances in security.
The researchers analyzed more than 50 million Android apps and downloaded more than 5.6 million apps to test the viability of their findings.
As it turns out, there are plenty of malicious apps out there.
“The vast majority are malicious because the developers don’t know how to stop them, the apps aren’t written in a secure manner, and the apps are not optimized to avoid exploits,” lead researcher Andrew Poon wrote in an email to Ars.
“It is possible that malicious apps are present in the wild, but most malicious apps, by far, are still present on a smartphone or laptop.”
In other words, the majority of apps on Android devices are still vulnerable to malware.
In fact, nearly a third of apps downloaded from Google Play were malicious, according to Poon’s analysis.
This makes sense: Android phones are a large market for app developers and users.
The Android operating system is home to a lot of popular apps and games, like Angry Birds, Angry Birds: Champions, and Angry Birds Go, and apps from popular apps like Skype and WhatsApp are popular too.
Poon and his team used the AppScan app to scan each app downloaded from the Google Play store.
While they weren’t able to check for malicious apps on the Play Store, they were able to confirm that most of the apps downloaded had malware.
“Most of the malware that we were able do was not from a malicious app, it was from the apps that were downloaded from a Google Play Store app,” Poon said.
“This is a big deal because it means that most Android malware is not just from a malware company but it’s actually from the app developers themselves.”
The researchers also used AppScan to test apps on Windows 10 devices.
While many of the popular Windows apps were infected with spyware, Poon noted that the majority were not.
“While Windows 10 apps are generally more secure than their Windows 7 counterparts, we were surprised to see malware being installed on Windows apps on a significant scale,” Poomin said.
Poomins team then used Appscan to look for apps that used the same URL as the malicious app.
“In the case of this particular URL, we noticed that the URL was hosted on a compromised domain, so we thought that this might be a possibility,” he said.
AppScan’s findings didn’t surprise Poon: the majority, 96 percent, of apps that downloaded from Play Store apps were actually malicious.
“We found that the URLs were all hosted on the same server, which is a server that is compromised on a daily basis,” Pook said.
That server is the one hosting all of the malicious apps in the sample.
While some apps were downloaded by just one person, Poomas team discovered that the number of infected apps on multiple devices varied significantly, with about a quarter of the infected apps appearing on Android phones and tablets.
Appscan was able to detect these devices by scanning for the “AppScan” HTTP header in the app’s URL.
When a user visits an infected URL, they’re presented with an ad that contains malware.
AppDetect, a third-party app detection tool that Poon used, can identify malware on Android by analyzing how the app is being used and whether the malware is installed.
Pimp my Android article You don’t need to install AppDetect to check if your Android phone is infected.
App detection is one of the many security measures that Apple and Google have put in place to protect users’ devices.
But even if you don’t use a VPN, you can still use AppDetect and see if your device is infected by searching for the AppDetect HTTP header.
“You can just open AppDetect on your phone and it’ll show you a list of apps,” Poo said.
When you search for an app, AppDetect will display a list containing malicious links that contain a link to download malicious software.
When an app downloads the malicious link, it opens a popup that contains an error message.
If you click on the error message, you’ll see a list that includes the malicious URLs.
If AppDetect detects malicious links in an app’s app, you will be prompted to download the malicious code, which then executes.
“AppDetect is a really powerful app that we can use to see what the app was doing before the malicious URL was downloaded,” Puckin said in an interview with Ars.
While the research showed that a majority of Android apps were still vulnerable, the researchers did find some apps that weren’t.
“One of the most surprising findings was that the malware was not limited to the Google app store,” Puffin said, adding that the