People complain about the way Apple controls its App store, “Android and Google Apps are far less restrictive”, but whatever the arguments it does mean their level of app curation improves the cyber security of Apple devices. The fact that Apple controls both the hardware and operating systems of their devices and issues patches and updates promptly also improves the contributes to better security.
The Google Play store and Android does not have the same level of curation as the Apple App Store and the Google Android OS does run on some Google hardware but the majority run on other vendor’s hardware. This is an opportunity for the threat actors – I have many examples of malicious Android apps available through the Google Play Store.
Android is now cheaper to hack!
There is a cost to the threat actors, in time and money, to set up a hack and this has been calculated by Kaspersky to be a $20,000 using services, software and code available on the Dark Web. There is no need to have your own dark coding and support team, just buy it in as a service, just like a regular business buys Microsoft 365, Google Workspace, etc..
Pay $20k and infect Android devices via Google Play store • The Register
Your take away from this…
Do you have a policy for using an Android phone as part of your “bring your own device” (BYOD) policy?
Clive Catton MSc (Cyber Security) – by-line and other articles