Google reveals it is already scanning Android apps for malware
Posted on 03.02.2012
Even though most malicious Android apps are served from third-party app markets, cyber crooks occasionally manage to disseminate some via Google's official Android Market.


Security experts have been wondering for a long time why Google hasn't copied Apple's rather successful app vetting process but, as it turns out, the company has already made a move in the right direction by adding an automated app scanning service to the market.

Codenamed "Bouncer", it scans both newly added and old apps in search for potentially malicious software, and analyzes developer accounts in order to prevent repeat-offending developers from returning with new malicious offerings.

"Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans", explains Hiroshi Lockheimer, VP of Engineering of the Android team. "It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags."

The applications' behavior is analyzed by running it on Google’s cloud infrastructure and simulating how it will run on an Android device. Once the service flags an app, it will be reviewed manually by Google employees.

Alas, Lockheimer doesn't tell if apps that cannot be considered strictly as malware but don't have the users' best interest at heart will be flagged by the service and banned from the market.

"The service has been looking for malicious apps in Market for a while now, and between the first and second halves of 2011, we saw a 40% decrease in the number of potentially-malicious downloads from Android Market," says Lockheimer, contradicting the findings of many security companies.

According to all this, Google is still not checking out the apps before they are made available for download by developers, but if the service works as planned, malicious apps should be taken down before doing much damage.

Granted, it is not the best solution, but it is a obvious improvement. Still, Android users should remember that carefully reviewing what permissions an app asks before being installed and researching it and its developer before doing so will considerably lessen the probability of installing a malicious app.







Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //