Google reveals it is already scanning Android apps for malware
Posted on 03.02.2012
Even though most malicious Android apps are served from third-party app markets, cyber crooks occasionally manage to disseminate some via Google's official Android Market.

Security experts have been wondering for a long time why Google hasn't copied Apple's rather successful app vetting process but, as it turns out, the company has already made a move in the right direction by adding an automated app scanning service to the market.

Codenamed "Bouncer", it scans both newly added and old apps in search of potentially malicious software, and analyzes developer accounts in order to prevent repeat-offending developers from returning with new malicious offerings.

"Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans", explains Hiroshi Lockheimer, VP of Engineering of the Android team. "It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags."

Each application's behavior is analyzed by running it on Google’s cloud infrastructure and simulating how it will run on an Android device. Once the service flags an app, it will be reviewed manually by Google employees.

Alas, Lockheimer doesn't say whether apps that cannot strictly be considered malware, but that don't have the users' best interests at heart, will be flagged by the service and banned from the market.

"The service has been looking for malicious apps in Market for a while now, and between the first and second halves of 2011, we saw a 40% decrease in the number of potentially-malicious downloads from Android Market," says Lockheimer, contradicting the findings of many security companies.

According to all this, Google is still not checking apps before developers make them available for download, but if the service works as planned, malicious apps should be taken down before doing much damage.

Granted, it is not the best solution, but it is an obvious improvement. Still, Android users should remember that carefully reviewing the permissions an app requests before installing it, and researching the app and its developer beforehand, will considerably lessen the probability of installing a malicious app.

