Furthermore, mobile devices can, and often do, contain far more valuable data than laptops and desktops. Almost everyone keeps personal conversations, pictures, videos, banking stuff and logins to everywhere on their smartphones and tablets.
It's easy to see why bad people want to get their wares into those walled gardens that millions of people trust to be safe.
Getting past the security measures and vetting by the app stores requires serious deception and coding skills that few malware writers posses.
They are getting through the protections though: this month, a variant of the BankBot trojan horse malware for Android devices was discovered in Google's Play store by a security vendor.
BankBot tries to steal your mobile banking and credit card details. The enhanced variant contains many new overlay screens to trick users into thinking they are logging onto their financial institutions when instead the malware is sending their usernames and passwords to attackers.
Google has removed the Funny Videos 2017 app from its Play Store but how did the malware get in there? BankBot was first spotted in January and shouldn't make a reappearance just months after - even if the malware author obfuscated the code.
The "MilkyDoor" malware is a similar story: it started off as "DressCode" or SOCKSbot, which was found in September last year. Someone's now taken the code for DressCode and added nasty new features to the malware which is now named MilkyDoor.
MilkyDoor was found embedded into 200 apps on Google Play, one of which had seen up to a million installations. The malware targets businesses via bring your own device (BYOD) users, and could be used to attack assets on internal corporate networks researchers believe.
Be careful what apps you download and install, in other words, and keep that smartphone up to date.
This could include information theft, but also destroying databases or holding them to ransom as has happened recently.
Those large number of apps infected with MilkyDoor, the big download numbers and the malware, like BankBot, being a derivative of an older variant, means it's time to take the notion of app stores being totally safe with a grain of salt.
Apple has had a good run with its App Store when it comes to security, but iPhone and iPad users too have been hit in the past.
Uber was recently given a clout around the ears by Apple boss Tim Cook for "fingerprinting" iDevices, or giving them unique identifiers that persisted even after the ridesharing company's app had been uninstalled.
There's no reason to think that Google and Apple are doing things wrong, and have become bad at detecting malware; quite the opposite. Both learn from mishaps, and improve their app store defences constantly, and add protective measures to their operating systems as well. You are most likely much more safe using programs from closed app stores than those from anywhere else.
They won't ever be perfect however at detecting every single bad thing, and with an ever-growing number of apps in Google and Apple's stores, the chance of something nasty sneaking through will increase.
Be careful what apps you download and install, in other words, and keep that smartphone up to date.
