Google Finally takes it seriously to protect you from malicious Android apps. Every so often, we report on reports from security researchers warning of newly identified batches of bad Android apps, often only after millions of downloads have been racked up.
For example, back in September, we discussed this discovery by Wandera researchers of a group of apps that demanded sketchy permissions and included intrusive ads, as well as more than 1.5 million downloads before Google booted them from the Play Store.
Whack-a-Mole’s constant game Google appeared happy to play when it comes to its app store. The bad things keep sneaking in. Once it has been detected (often by third parties), Google throws it out after the fact. Rinse it, repeat it. But perhaps that trend will begin to change a little now.
In this ongoing fight, Google aims to step up its security measures through a new effort, called the App Defense Alliance, along with the Lookout, ESET, and Zimperium security firms. The search giant states in a post on the Google Security Blog that we are combining our Google Play Protect detection systems with the scanning engines of each partner as part of this new partnership.
When applications are being queued to release, this will generate new device threat intelligence. Partners will review the database and serve as another critical pair of eyes before an app goes live on the Play Store.” Google says it has chosen the security firms that are part of this partnership on the basis of their performance in detecting possible threats themselves and enhancing the overall mobile device ecosystem.
The alliance partners use a mix of machine learning and static/dynamic analysis to detect abusive device behavior, and “multiple heuristic engines working in concert will improve our effectiveness in detecting potentially harmful devices,” continues the alliance statement from Google.
Not a moment too soon, of course, comes all this. Coincidentally, in tandem with Google’s announcement, on Wednesday, Wandera researchers reported on the Play Store discovery of seven apps that contain so-called “dropper malware.”
“The dropper apps are designed to download and install APKs from a GitHub repository, basically opening the device’s backdoor to install any new application features. For the seven apps that are being downloaded, the APKs contain adware, a form of malware that violates the Google Play Store’s policies, “Wandera noted about Google’s removed applications, including the following:
- Magnifying Glass
- Super Bright LED Flashlight
- Magnifier, Magnifying Glass with Flashlight
- Super-bright Flashlight
Developer: iSoft LLC
- Alarm Clock
- Free Magnifying Glass