One in every 10 Android apps 'contains malicious code': US-China study

A joint study by computer scientists from the US and mainland China found that one in every ten Android apps contained malicious code.

Using a new algorithm that could detect malware and viruses within apps in less than 10 seconds, the team scanned 1.2 million Android apps on more than 30 major app stores around the world, about a tenth of them contained malicious code.

Over 2,000 of these apps had each been downloaded more than 50,000 times, meaning at least 100 million users were exposed to security risks.

The paper, with Chen Kai of the Chinese Academy of Sciences' State Key Laboratory of Information Security as lead author, has been accepted to the Usenix Security Symposium, an annual gathering of international security experts to be held in Washington DC later this year.

Full content of the study was not disclosed, but a report on the academy’s website said that their new detection method could trace the “origin” of source codes in an Android app and analyse their internal structure for suspicious traits.

Scientists were able to discover unknown security threats with unprecedented speed, and the study had generated “huge repercussion” in mobile software industry, the report said.

It is unclear whether the same algorithm could be applied to iOS apps. The researchers could not immediately be reached for comment.