Google forges new ‘app defense alliance’ to fix Android malware menace

Google is finally making moves to tackle the menace that is Android malware.

To this end, the internet giant has officially announced a partnership with cybersecurity firms ESET, Lookout, and Zimperium to catch sketchy apps before they end up on your devices.

Called the “App Defense Alliance,” the initiative aims to reduce the risk of app-based malware, identify new threats, and protect smartphone users from bad actors leveraging the platform for their gain.

To do so, Google is integrating its Play Protect malware detection systems with each partner’s scanning engines, thereby generating valuable risk intelligence that can be carefully scrutinized before making a third-party app available on the Play Store.

Introduced in 2017, Google Play Protect combines a mix of on-device protections and a cloud-based infrastructure to routinely scan over 500,000 apps to keep tainted apps off Google Play and out of users’s devices. It also leverages machine learning to detect malicious apps faster and at a larger scale without any human supervision.

The development comes as the Android platform has been beset by numerous instances of malware in recent months, what with smartphones proving to be a lucrative attack surface for criminals to carry out highly targeted campaigns.

A steady stream of Android malware

The Play Store malware trouble has been accentuated in part due to the open nature of the ecosystem.

Although Google has employed Google Play Protect as a means to secure devices from potentially harmful applications (PHAs), it’s been powerless against what appears to be a steady pattern of nasty apps bypassing its scanning process, highlighting the scope of the issue.

Last month, Lukas Stefanko, an ESET security researcher, compiled a list of 172 apps on Google Play with upwards of 335 million installs that were found to engage in ad fraud, credit card phishing, and serve other kinds of malware. And this was just for September.

Complicating the problem is the counter-mechanisms devised by Android malware authors to obfuscate their true colors.

They have been found to engage a number of sneaky workarounds to get past Google’s security checkpoints — make use of remote command and control servers to download second-stage malicious payloads, incorporate encrypted code, and even contain time-based activation delays to bypass detection barriers.

In its annual “Android Security & Privacy Year in Review” report released earlier this year, the search giant said only 0.08 percent of devices that used Google Play exclusively for app downloads were affected by PHAs in 2018.

Yet Google’s failure to rein in malware-laced apps has raised concerns about its supposedly vetted store. Increasingly, what should its job of proactively catching bad apps has been passed on to users, who must carefully inspect every app they intend to install on their devices.

More troublingly, even after Google removes a PHA from Google Play, the users who installed the app on their devices continue to remain at risk.

In forging this new alliance, the intention is to better screen apps before they are approved for download, and prevent users from accidentally downloading an offending app.

The fact that Google sought outside reinforcements to beef up Android app security is an acknowledgment of the serious of the problem. As they say, better late than never.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

For a Hedge Against Inflation - Click the Rocket!

E-Crypto News Executive Interviews

Blockchain/Cryptocurrency Questions and Answers

Stressed about crypto
The Worst Places in the World to Buy and Hold Crypto
January 27, 2023
What Are Crypto Index Funds?
What Are Crypto Index Funds?
January 19, 2023
Can You Make Money Anymore With Crypto in 2023?
January 13, 2023
What Is Stagflation And How Does It Affect The Crypto Markets?
What Is Stagflation And How Does It Affect The Crypto Markets?
January 12, 2023
passive crypto
How To Minimize Risks When Investing in Crypto
December 28, 2022

Automated trading with HaasBot Crypto Trading Bots

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin23,126 0.67 % 0.11 % 1.56 %
Ethereum1,592.4 0.92 % 0.29 % 2.06 %
Tether1.001 0.04 % 0.02 % 0.05 %
USD Coin1.000 0.44 % 0.25 % 0.18 %
BNB283.64 0.09 % 0.32 % 2.79 %
XRP0.4687 0.46 % 4.02 % 4.38 %
Binance USD1.000 0.15 % 0.14 % 0.18 %
Cardano0.3868 0.41 % 0.69 % 4.74 %
Dogecoin0.08870 0.91 % 1.26 % 4.72 %
Polygon1.130 1.50 % 0.78 % 14.60 %

Bitcoin (BTC) $ 23,110.19
Ethereum (ETH) $ 1,592.28
Tether (USDT) $ 0.999513
USD Coin (USDC) $ 1.00
BNB (BNB) $ 307.27
XRP (XRP) $ 0.410973
Binance USD (BUSD) $ 0.994098
Cardano (ADA) $ 0.385455
Dogecoin (DOGE) $ 0.088693
Polygon (MATIC) $ 1.14