Over 10 million Android devices reportedly infected with Chinese malware
Ten million Android devices have been infected by malware called HummingBad, according to Check Point. The cybersecurity firm said it discovered the malware in February, and has been tracking it ever since.
If you see a site offering a program that does something really cool for free but isn't in the app store avoid it at all costs.
Sideloading is an advanced maneuver, and probably should be avoided by the uninitiated, but it's hardly a universally dangerous activity. The Amazon app store has to be sideloaded, and at least historically, has been safer than the play store. Sideloading safely means only doing so from trusted parties, and as a general rule, that would disclude most 3rd party stores. But there are still developers who sell their app outside the store. If they've been around a while, are mostly say PC devs where 'sideloading' is the norm, not the exception, and have a public forum with years of customer engagement, those are some signs things are legit.
Android apps all come with a list of permissions, and while you may not be eager to learn what each one does, pay attention to what the popular apps you're installing ask for, the more familiar you are with them, the more you'll notice when an app asks for way too many permissions, and then just try to find a less intrusive option.
The best safety probably comes from buying rather than using free apps (exception: free apps from major services are safe, ex. gmail). Free apps have to get their money somewhere, and that means trusting unknown parties for revenue. Malvertising is a growing threat everywhere, and a lot of the recent issues that have come up have been from third party plugins in apps designed for revenue, not from the developers themselves. When you buy your apps, there are fewer parties involved and it's more clear how the developer is earning their keep.
read reviews on the google play store especially the one and 2 star reviews. those occasionally contain info that can help determine if the app has any malicous content or if it is just crap.