[coldtea]

Not by a large margin.

First of all, it's not the platform. There wasn't some vulnerability found in iOS that made this possible.

It's caused by pirated infected third party XCode downloads. If you use third party Visual Studio or Eclipse/Idea for Android development, you can get the same exact issues.

Second, apps run in a sandbox in iOS anyway, so those infected apps can't do much besides giving you ads and data about their usage.

Thirds, that's like 100 apps in the list, mostly all made in China, and all by people with infected, non-official XCode.

Contrast with malware in Android landm which amounts to 97% of mobile malware: http://www.forbes.com/sites/gordonkelly/2014/03/24/report-97...

[flymoon]

Thanks for correcting me. I am wondering if IOS could add a new feature to detect bad apps.

For example IOS could give an operation history summary for each App. The list could be something like this:

APP1:

Photo ---- read ? times write ? times

Contact ---- ...

sms ---- ...

device ID ---- ...

APP2:

Photo ---- read ? times write ? times

Contact ---- ...

sms ---- ...

device ID ---- ...

customer can turn on/off this feature.

I believe if IOS have this feature, it will be much easier for IOS user to find out the bad APP.

[coldtea]

>I am wondering if IOS could add a new feature to detect bad apps.

I think Apple can add such as a step into their build process (IIRC, with the new XCode 7 there's the option to submit a kind of bytecode to be built on Apple's servers depending on the target architecture etc).

Another thing they could do is enable some kind of "Little Snitch"-like network connection that a user can enable for apps. This way the user can be informed for any "mysterious" external connections going on.

[lern_too_spel]

Yet days after this Trojan was disclosed together with a code signature, Apple is still relying on third parties to tell them which apps are affected. Meanwhile, we know that Amazon has been scanning their store for (at least) AWS keys for years, and Google has been running Bouncer on their store for longer.

It is well-known that due to Apple's restrictions on third-parties scanning software in their store, malware incidences in the App Store are significantly underreported.

[myko]

Which popular/mainstream Android apps were taken down from Google Play due to malware?

I'll grant you third party Android app stores and side loading is more dangerous than iOS - but in the case of Google Play vs iTunes it seems like Google Play is safer.

[coldtea]

>Which popular/mainstream Android apps were taken down from Google Play due to malware?

Well, there have been popular apps that have been infected as came pre-installed in phones:

http://thehackernews.com/2015/09/android-smartphone-malware....

As well as apps pulled from Google Play for having malware:

http://www.huffingtonpost.com/2015/02/04/mobile-malware_n_66...

http://www.coindesk.com/google-pulls-six-mobile-wallpaper-ap...

http://fortune.com/2015/07/08/google-play-fake-app/

[myko]

Right, I agreed that there are some cases of malware on Google Play. The apps you linked don't look to have the number of users affected by this latest App Store scare. That's why I said overall Play seems safer than iTunes.