Legitimate Chinese app stores riddled with security holes

If you are an Android user, you are surely aware of the fact that Chinese third-party app stores are where most malware for that particular OS has its debut.

Lacking any kind of factual control and vetoing process, these online stores are the most effective springboards for offering malware camouflaged as legitimate apps to Chinese smartphone users, since around 70 percent of them prefer Android-run devices.

But, as it turns out, the app stores run by two of the biggest Chinese mobile operators – China Mobile and China Telecom – are not without security vulnerabilities themselves.

According to The Register, a report of the Chinese Ministry of Industry and Information Technology (MIIT) has shown that even though the state of those two mobile operators’ overall network security is quite good, their app store security is not up to snuff.

Xiong Sihao, deputy director of the Ministry’s Communication Security Bureau, commented that even though there have been some improvements, the ministry is still not satisfied and feels that the mobile operators haven’t done enough to keep their users safe.

Could this be a hint that the Chinese government will be increasing the pressure on the operators and asking for better security on their online stores?

“In China people like to crack software and make it available for free but that is dangerous because Google Play at least has some quality control, but on the other sites you get these cracked apps alongside malicious ones,” observed a consultant for the Hong Kong CERT Coordination center.

He also pointed out that Chinese users are not adverse to pirated software and laid part of the blame for the proliferation of Android malware on them.

A lot of people may agree with him, but since obviously one can’t be sure that even the apps downloaded from a legitimate app stored are safe, I would say that the ball is still in the operators’ corner.