For many Android users, 2015 will go down in history as a sad year for the platform’s vulnerability protection, due mostly to a collection of mischievous software bugs known as Stagefright.
But that’s all behind us now, and at least according to Google’s second Android security annual report, the remote code execution and privilege escalation troubles may have made the ecosystem stronger than before.
Of course, there’s no mention of Stagefright in this latest “overview of new security protections introduced in 2015”, but it can’t be a coincidence the probability of an everyday Android user downloading a PHA (Potentially Harmful App) has decreased by 40 percent compared to 2014.
The drastic reduction in exposure to security flaws came to pass primarily thanks to improvements made to “machine learning and event correlation to detect potentially harmful behavior.” Specifically, Google claims to have checked over 6 billion installed applications for malware each day for the past year, also scanning 400 million devices a day for network-based and on-device threats, and developing Chrome’s Safe Browsing mode for permanent protection from unsafe websites.
Granted, it’s practically impossible to correctly gauge the number of PHAs available in the Play Store at one point or another in 2015. But what’s important to note is a mere 0.15 percent of devices that “only get apps from Google Play” picked up a form of malware, with the figure surging to 0.5 percent as far as gadgets that “install apps from both Play and other sources” are concerned.
Data collection apps remain the most widespread hazard, followed by spyware and hostile downloaders, all three malicious categories however losing steam last year, and wreaking havoc on less and less phones and tablets.
Source: Google Security Blog