Rooted Android devices contain 2x more malware

About 0.1% of devices from users that only download apps from the official Google Play Store contains malware. Users  of rooted Android devices should also stick to Google Play to keep malware of their phone, according to a report released by Google.


Android malware isn’t really an issue, according to Google’s report. In 2014 less than 1% of all Android devices were victim of malware (which is still millions of devices, due to the large install base of the mobile operating system). Devices of users that only download from Google Play hardly contain malware, about 0.1% of those smartphones and tablets contains potential malware.

Users that root their Android device should be aware of malware.R ooted devices contained twice as much potential harmful apps (PHA) that e.g contain spyware, ransomware, sms-malware etc than unrooted devices, according to the report.

The green line in the graphs above shows devices with apps that only originate from the Google Play store. It’s not surprising that they contain less malware than devices of users that download apps from other sources and sideload APK files.

Google performed the research using the “Verify Apps” feature of Google Play Services that scans apps for malicious behaviour. The feature was introduced in Android Jelly Bean and also added to other Android versions in 2013. This however means that users that install ROMs without Google Apps (GAPPs) are not included.

The number of potential infections is higher in countries where users mainly download apps from outside the Google Play Store. E.g. in Russia about 3-4% of the Android devices contains potential malware. Also in China more devices are rooted and more potential malicious apps are installed.