New Android security report is alarming, but not because of the amount of malware


We’re all used to hearing about how horrible malware is on Android, but a new report is the most disturbing yet. Security firm is projecting that not only will new Android viruses and exploits reach new heights in 2017, but a new one will be discovered once every 10 seconds. But before you toss your Android phone in the trash, let’s explore how bad it really is.

While 8,400 malware discoveries every day is certainly alarming, it’s important to know that they’re not coming from the Play Store. There are millions of Android phones around the world that connect to their own dubious third-party app stores, and millions more that side-load suspect apps to bypass paying for them through the Play Store, and that’s where nearly all of the 3.5 million malware instances will come from this year.

But that’s not to say you’re completely in the clear. Android is the most popular mobile OS by a wide margin, and with popularity comes malfeasance. Android will always be a target for hackers, and as such, Google has taken great strides in Nougat and Android O to limit the chance that your phone could get infected.

No Nougat

There’s just one problem: According to the , just 7.1 percent of all Android phones are running Nougat, less than the 7.5 percent that were running Marshmallow at this time last year. That means they’re not only missing out on some great features, they’re also behind the times when it comes to security. Many of the phones bought last year will never get the latest update, and even a brand new flagship like the Galaxy S8 is still running an OS that’s several versions behind.


It’s one thing to withhold certain new features that the hardware can’t support, but security updates shouldn’t have such a short end-of-life date. Microsoft has vowed to support Windows 10 , but if you buy a Pixel today, you already know that it won’t get Android Q. And that means it won’t have the latest security measures to fend off future malware.

One step behind

Android O brings a pretty major change to how outside apps are installed. Previously you only needed to flip a single toggle to allow your phone to accept installation of apps from unknown sources, but with Android O, it’s on an app-by-app basis. So, if there’s a malicious app on your phone that’s trying to muck up your system, it won’t be able to inflict any damage unless you give it explicit permission.


Android O makes you approve installations on an app-by-app basis, decreasing the likelihood of a malicious app.

But most phones will never see Android O, including the Nexus 6 and Nexus 9 that were on sale just two years ago. Google is in a constant fight against malware on Android, but the struggle isn’t just against the attackers, it’s also over the delivery. Hackers love to target old exploits that people haven’t patched, and more than 90 percent of Android phones are at risk just because Android N hasn’t reached them yet.