According to Google's latest report on the transparency of the Android ecosystem, Android Lollipop (5.0) is eleven times more likely to be infected with malware than Android Pie (9). The same report shows that if you load apps sideways, you're infected almost seven times more often than if you're using Google Play as the app source. All the data provided in the report is quite interesting, but there is a clear pattern between malware-infected users.
Google names malware PHAs or potentially harmful apps. This distinction means that the same app may be harmful to one Android version, but completely harmless in another version. For example, an app that attacks older APIs might be harmful if your device is running an older version of Android, such as Lollipop. However, if you install the same app on a phone with Android Pie, new security measures could make it completely secure. [1
9659003] Google Security Report: If you do not want malware, update Android and stop Sideloading ” width=”532″ height=”532″ style=”max-width:532px;height:auto;”/>
PHA rates for Android. Google Transparency Report
If you look at the chart above, you may think that the lower infection rates are a byproduct of fewer people running the new versions of Android. However, these are percentages of malware-infected devices, so the total number of users has no effect. The lollipop PHA rate is 0.66%, while the pie PHA rate is 0.06%.
The difference in PHA rates is almost overwhelming when you only look at people who install apps from the Google Play store and compare them to those who do. Download apps from external sources. Google Play users are infected at a rate of 0.09% worldwide, while sideloaders are infected with a 0.61% clip.
Google has continued to compare PHA infection rates by country, and the results are surprising. Indonesia and India (gold and green lines respectively) had the worst values at 0.65%, while the United States (black line) ranked third with 0.53%. With the US being one of the richest countries in the world, there would be more pro-head Android phones than in other countries, and since flagship phones generally receive more frequent updates than cheap phones, people on the newer Android are better protected versions ,
We can only speculate here, but the reason for the high PHA rates in the US could have two reasons: More page load apps per user and more phones from OEMs with a poor Android update -Track records.
Since Samsung is notoriously slow for Android updates, they must share some of the blame for the bad malware rates in the US. They are by far the most common Android brand in the US and one of the few manufacturers that have not yet upgraded the majority of their latest devices to Android Oreo, an operating system upgrade that was available 15 months ago.
You can not do anything about a phone that does not receive updates (except rooting and installing a custom ROM), but you can improve your security by paying attention to loading apps. If you need sideload, you must at least download APKs only from trusted sources like APKMirror or the official website of a reliable developer.