Over 60% of Android apps have security flaws, and the average number of bugs per app is a staggering 39.
The data presented here are based on the “Peril in a Pandemic: The State of Mobile Application Security” report [PDF] by the Synopsys Cybersecurity Research Center (CyRC). The report analyzes the security of 3,335 free and paid mobile apps that were available on the Google Play store in Q1 2021. CyRC analyzed the security of open-source software components used in these apps.
The report highlights the many problems that Android users have when it comes to downloading apps to their devices.
According to data presented in a blog post by Atlas VPN, the problems affect various app types, including sensitive ones such as banking and payment apps.
The worst category was top-free games, 96% of which contained vulnerable components. These games were followed by top-grossing titles and top-paid ones.
“All in all, 3,137 unique vulnerabilities were found in Q1 2021 that appeared more than 82,000 times across Android apps,” the report states. “A total of 73% of vulnerabilities had been first disclosed more than two years ago. However, they were still present in Android apps in the first quarter of this year.”
Most of these issues are easily fixable; developers simply need to care about doing an audit.
Educational apps had the most exploitable Android vulnerabilities in Q1 2021 (43%).
“Educational apps had the highest number of exploitable Android vulnerabilities with possible fixes as of the first quarter of 2021 – 43 percent. Meanwhile, productivity and banking apps occupied the second and third spots in the list. They contained 41 percent and 39 percent of such vulnerabilities, respectively.”
This means Google Play store apps are very vulnerable to security issues. It is not uncommon for Android users to get infected through these apps, given that apps on Google Play have been downloaded millions of times.