App marketplace replaced Google’s Play Store as the biggest host of suspect content in the opening quarter, cybersecurity company RiskIQ reported.

Some 17,059 apps on were blacklisted by the company during Q1, out of a total of 43,049 suspect services discovered during the period. It said the latter figure accounted for nearly 2 per cent of all mobile apps.

While it didn’t specify the number of Google Play apps on the list, RiskIQ said the store continued a downward trend in malicious content begun in mid-2018.

RiskIQ defines blacklisted apps as those flagged as suspicious by at least one registry such as VirusTotal, which inspects files and web pages for common threats.

While the Play Store consistently ranks at the upper end of in RiskIQ’s threat analysis, it conceded suspect apps represent a small percentage of its total: around 6 per cent of all Play Store apps, compared with 96 per cent for and 15 per cent from Chinese app store Tencent.

Apple notably had almost no blacklisted offerings in its App Store.

Attractive target
RiskIQ researcher Jordan Herman told Mobile World Live Apple keeps a much tighter grip on what gets added to its App Store, noting Google’s option is “much more open and accessible to developers, good and bad”.

Herman added the prevalence of Android devices and its “complex ecosystem” of different manufacturers, operators and operating systems create an environment which is much more attractive to developers of malicious apps.

“This isn’t to say malicious apps never make it into Apple’s store or that iPhones never get exploited, but as long as there are more vulnerable Androids out there we’re going to see more focus on exploiting them.”