Google Play is not safe, but there is no other alternative

Is it possible to make an alternative app store for Android was a hotbed of malware? Researchers with the Slovak company ESET discovered Turkish app strore CepKutusu.com. Every time, when the user attempted to download any application, so you really get the mobile malware, but only after 7 days. Until then, "shop", although the required installation APK files outside the official source, was safe. Installed programs to function properly. Analysis showed that CepKutusu.com was programmed in such a way that after 7 days (checked it's based on cookies) to redirect the user to the mobile malware – each time you want to download any application.

Each downloaded file was a virus.

What with Google Play?

"Voices of reason" regularly propagated in all directions of the Internet, tell users that should not install applications outside the official source. What is the "official source"? Is the same breeding grounds for malicious software, as cited above in the case of Turkish, an alternative store. Malicious files that reaches to Google Play, do not infect a few hundreds, but often a few hundred thousand or in extreme incidents a dozen million. Was strange situation – users without root access, and such is the vast majority, are doomed to use Google. The company is not able to guarantee the security of its customers.

Not to leave only weakness of one of the parties, be righteous. The same thing happens with any operating system. In Windows, download and install the .exe files from a single source, that is, from the "Internet" (with CD/DVD) and from the MS App Store. On Linux we use the official software repositories, we install programs from the prepared packages DEB/RPM or add social networking/unofficial repositories, which are often beneficial for many users. The same is true with computers Mac OS and phones from the same manufacturer.

Sensible approach to the issues

Without access to root privileges on Android devices do not install applications to support open source market F-Droid. It's unfortunately a great limitation. The vast group of owners of smartphones with this system is doomed to install programs with malicious source, IE Google Play. However, you can remedy this by following our two rules:

1. install only those programs that are necessary for the work. Other applications should be removed. There is a risk that the software both with high and low popularity, will activate after a certain time malicious features. Such case is very, very, very, very, very, very, very much. It's hard to count them all.

2. We are considering the use of mobile antivirus software (for example. Bitdefender Mobile Security or ESET Mobile Security and ESET Parental Control). Although no mobile product protection is not perfect, because Android limitations make it manufacturers have limited capabilities, scanning Web pages or downloaded APK files always come out for good. What's more, mobile protective packages come with useful features, which you can obtain from other developers, but involves installing subsequent programs.

Finally, a list of tools, software, alternative firmware routers, Web browsers, etc., which do not violate user privacy or they are doing it to the extent that really minimal.



Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.