Click to Skip Ad
Closing in...
  1. Best Selling Drones Amazon
    13:27 Deals

    Amazon has a $59 drone you can control with gestures or just your voice

  2. How To Save Money On Your Cable Bill
    11:47 Deals

    Make your cable company furious and save $120/year with this $56 Amazon purchase

  3. Best Alexa Devices
    08:06 Deals

    Amazon’s hottest smart home gadget is down to $19 today – and you can get a $4…

  4. Kitchen Storage Solutions
    08:41 Deals

    How did you ever live without this brilliant $40 Amazon find in your kitchen?

  5. Amazon Gift Card Promotion
    11:46 Deals

    How you can get $15 from Amazon right now for free

Google finally gets serious about protecting you from malicious Android apps

November 7th, 2019 at 1:25 PM
Android apps

Every so often, we report on discoveries from security researchers who warn of newly identified batches of bad Android apps, often only after they’ve racked up millions of downloads. Back in September, for example, we mentioned this discovery by researchers at Wandera of a group of apps that requested sketchy permissions and included intrusive ads, among other problems, while garnering more than 1.5 million downloads before Google booted them from the Play Store.

It’s a constant game of Whack-a-Mole Google has seemed content to play when it comes to its app store. The bad stuff keeps sneaking in. Google kicks it out after-the-fact once it’s identified (often by third-parties). Rinse, repeat. But maybe now that pattern will start to change a bit.

Google is hoping to step up its security measures in this ongoing fight via a new effort it’s set up called the App Defense Alliance along with security firms Lookout, ESET, and Zimperium. In a post on the Google Security Blog, the search giant notes that as part of this new alliance “we are integrating our Google Play Protect detection systems with each partner’s scanning engines. This will generate new app risk intelligence as apps are being queued to publish. Partners will analyze that dataset and act as another vital set of eyes prior to an app going live on the Play Store.”

Google says it hand-picked the security firms that are part of this alliance based on their success in finding potential threats themselves and in improving the overall mobile app ecosystem. The alliance partners use a combination of machine learning and static/dynamic analysis to detect abusive app behavior, and “multiple heuristic engines working in concert will increase our efficiency in identifying potentially harmful apps,” Google’s announcement of the alliance continues.

All of this comes, of course, not a moment too soon. Coincidentally in tandem with Google’s announcement, Wandera researchers on Wednesday reported the discovery of seven apps on the Play Store which contain so-called “dropper malware.”

“The dropper apps are designed to download and install APKs from a GitHub repository, essentially opening a backdoor on the device for any new application functionality to be installed. In the case of the seven apps, the APKs being installed include adware, a form of malware that violates the policies of the Google Play Store,” Wandera noted about the apps, which have been removed by Google and include the following:

Developer: PumpApp

  • Magnifying Glass
  • Super Bright LED Flashlight

Developer: LizotMitis

  • Magnifier, Magnifying Glass with Flashlight
  • Super-bright Flashlight

Developer: iSoft LLC

  • Alarm Clock
  • Calculator
  • Free Magnifying Glass

Andy is a reporter in Memphis who also contributes to outlets like Fast Company and The Guardian. When he’s not writing about technology, he can be found hunched protectively over his burgeoning collection of vinyl, as well as nursing his Whovianism and bingeing on a variety of TV shows you probably don’t like.

Popular News