Smartphones are more exciting than computers for malware developers. These devices can contain significantly more sensitive data, given their importance in everyday use. That’s why we keep seeing warnings about malicious attacks targeting mobile devices, including malware apps that are sometimes available from official sources like Google’s Play Store.
Smartphone vendors like Google continuously monitor for malware apps. Also, they adapt their techniques to counter the malware innovations that hackers deliver. The software giant announced on Wednesday new capabilities for Google Play Protect. That’s Google’s tool that scans billions of apps daily for signs of malware.
Going forward, Google Play Protect will prompt you to perform an app scan whenever it encounters an application it hasn’t seen before. This could reduce the likelihood of installing malicious code on your phone and enhance your security.
Google Play Protect is available on all Android devices with Google Play Services. That’s all the Android devices that run Google’s version of Android as opposed to a forked version. As long as you can access the Google Play Store and other Google apps on your phone by default, it means you’re running Google’s version of Android.
Different Android variants exist, such as the one Amazon uses for its Kindle devices. Or the many operating systems based on Android that are available in China. Another alternative is the Android-based OS that Huawei launched a few years ago.
Google says that Google Play Protect scans 125 billion apps a day to prevent malware attacks. When it finds suspicious entities, the service can prompt you to help you avoid installing an app that appears to be infected.
But Google explains that cybercriminals have developed their own techniques to avoid detection from services like Play Protect. Per Google, attackers develop “novel malicious apps available outside of Google Play to infect more devices with polymorphic malware, which can change its identifiable features.”
Google continued, “They’re turning to social engineering to trick users into doing something dangerous, such as revealing confidential information or downloading a malicious app from ephemeral sources – most commonly via links to download malicious apps or downloads directly through messaging apps.”
That’s why Google Play Protect also works for apps you install from sources other than the Play Store. Those apps are more likely to infect a device with malware.
Google is changing how Google Play Protect works to help make it more effective.
Previously, the service would conduct a real-time search when the user installed an app. If it identified any malicious behavior, it warned users about the potential security issue. The new version of Google Play Protect is getting more powerful, according to Google. It’s now getting real-time scanning at the code level to find malware. Google Play Protect will recommend a real-time app scan every time you install an app that has never been scanned before. The scan will be optional, but you should go through with it each time you see the prompts.
Google Play Protect will extract “important signals” from the app and send them to the Play Protect servers. That’s where the code will be inspected. If the analysis determines there’s something wrong with the app, Google Play Protect will advise against installing the app.
Google says the new security upgrade will improve protections against “malicious polymorphic apps that leverage various methods, such as AI, to be altered to avoid detection.” The company uses its own AI to learn from each app it’s reviewing so it can improve the protections it offers users.
The Google Play Protect upgrade has started rolling out in India and will be available in more regions in the coming months.
I’ll remind you to avoid installing apps from shady sources to reduce the risk of running into malware apps. Your best bet is sticking to what’s available in the Google Play Store, which already contains millions of apps.