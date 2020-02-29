The Google Play Store has been criticized in recent weeks for reports that continue to accumulate information about malicious applications that have passed Google's application security checks only to be identified later and summarily started from the Play Store, but not Before accumulating what there is in many cases millions of downloads and certainly cause significant damage behind the scenes. Still, there are much more sketched places where users download Android applications, and a new report identifies what may be the most dangerous so far.

RiskIQ has published its 2019 Mobile Application Threat Panorama report, which identifies 9Game.com, a mobile app store that offers free games for Android, as the most dangerous store of its kind and, in fact, home to the most malicious applications for all of 2019. According to the report, almost 62,000 new malicious applications were uploaded to the store in 2019, placing 9Game at the top of the store list with the newest malicious applications, but also at the top from the general list of stores with the most incomplete applications in total. There are also hundreds of other reputable app stores like this one, the report warns, “representing a murky mobile underworld that exists outside the relative security of reputable stores. Since many of these applications are found in stores hosted in countries known for cybercrime, such as China, or outside of the stores on the open web (often called wild applications), it is not surprising that the CISOs cannot monitor them " .

Before immersing yourself in the findings of the report, it is probably worth noting immediately that RiskIQ researchers discovered that the overall application security landscape continues to improve. Apple treats its own app store as, to cite the report, "Fort Knox," while Google's security controls are improving, despite the fact that many incomplete and frankly dangerous applications can still sneak into your store.

Because these two leading application stores are so proactive in trying to keep their stores free of bad applications, that forces the bad ones to look for other outlets where they can hide their products. Here is a look at the mobile application stores that the RiskIQ team described as the source of the most malicious applications last year:

Image source: RiskIQ

It is always a good practice to download only applications from sources you know and trust, and see numbers like the previous ones from a source like 9Game and others should definitely stop anyone.

Other highlights from last year, according to RiskIQ, include the fact that millions of Android users were still tricked into downloading any of several dozen adware applications from the Google Play Store, which according to the report includes both utility applications and games. Those apps posted misleadingly displayed ads, including full screen ads, as well as hidden ads and ads running in the background. The end of the game was (and is) that such applications can essentially monetize unsuspecting users.

The report concludes with some tips to remember: “Fortunately, some of these similar malicious applications are easy to detect. A potential gift is excessive permissions, where an application requests permissions that go beyond those required for its established functionality. Another is a suspicious developer name, especially if it does not match the name of the developer associated with other applications in the same organization. User reviews and the number of downloads, when present, also help provide a certain level of security that the application is legitimate. "

Image source: imageBROKER / Shutterstock