Speaking at the Virus Bulletin Conference in Berlin last week, Android team member Adrian Ludwig told an audience of antivirus experts and industry-folk that reports about Android malware (many of them propagated by AV firms) were overblown and obscured the real story: Android’s success at blocking actual infections. Citing Google data (https://docs.google.com/presentation/d/1YDYUrD22Xq12nKkhBfwoJBfw2Q-OReMr0BrDfHyfyPw/pub?start=false&loop=false&delayms=3000), Ludwig told the assembled that new security features, such as the Bouncer app testing service and Verify Apps technology make actual infections of Android devices a one-in-a-million occurrence, the Security Ledger reports.
Data collected by the Verify Apps service, which logs events involving a hazardous applications, found that only 1,200 of 1.5 billion application install attempts were incidents in which “potentially harmful applications” ended up being installed on an Android device, Ludwig said.
This is just the latest effort by Ludwig to throw cold water on feverish reports about skyrocketing Android malware. (http://www.eweek.com/security/mobile-malware-threat-growth-hits-record-in-q2-mcafee) In June, Ludwig told an audience at an FTC-sponsored event in Washington D.C. that reports of widespread infections due to the recently discovered "BadNews" malware were simply not true.“We’ve observed the app(lication) and we’ve reviewed all the logs we have access to,” he said. “We haven’t seen a single instance of abusive SMS applications being downloaded as a result of BadNews,” Ludwig said at the time. (https://securityledger.com/2013/06/google-badnews-malware-not-so-bad-after-all/)