Serviceteam IT Security News
Apps downloaded from Google Play were eight times less likely to compromise a device than apps from other sources

Google says that 2018 saw its policies, along with enhanced automated and human checks, stop more malicious apps from entering Google Play than ever before. The company also claims to have acted faster when it came to detecting and removing the developers of harmful apps.

“The number of rejected app submissions increased by more than 55 percent, and we increased app suspensions by more than 66 percent,” writes Google Play Product Manager Andrew Ahn in his year-in-review post on Google Play security in 2018.

He went on to chalk the improvements up to Google’s tightened policies for app developers, as well as to the company’s increased spending on automated protections and human reviews, both of which he called critical for cracking down on bad apps.

“In a continued fight against these types of apps, not only do we apply advanced machine learning models to spot suspicious apps, we also conduct static and dynamic analyses, intelligently use user engagement and feedback data, and leverage skilled human reviews, which have helped in finding more bad apps with higher accuracy and efficiency,” said Ahn.

Of course, acting quickly on harmful apps that have somehow sneaked past the storefront’s checks is an important part of the Play Store security ecosystem. In this context, the tech behemoth praised its Google Play Protect system, which “now scans over 50 billion apps on users’ devices each day to make sure apps installed on the device aren’t behaving in harmful ways”.

Taken together, the company says that the likelihood that an app from Google Play would compromise a device was eight times lower than the probability of damage caused by downloading apps from outside the official Android app store.

Having said that, bad apps continue to sneak into Google Play, as documented by ESET researcher Lukáš Štefanko .

Familiar faces

Another interesting finding has to do with who’s most often behind the threat. According to Google, “over 80 percent of severe policy violations come from repeat offenders and abusive developer networks”.

Once banned, malicious app developers often set up new developer accounts or purchase such accounts on the black market. Here, Google attributes the improvements in cracking down on the repeat offenders to better clustering and account matching technologies, in conjunction with the prowess of its human reviewers.

“[W]e’ve made it more difficult for spammy developer networks to gain installs by blocking their apps from being published in the first place,” said Google.

In a way, the latest yearly review brings echoes of the corresponding report for 2017, which we also reported on and in which Google also lauded the success of its protections from harmful apps.

When all is said and done, there are several easy-to-apply measures that will go a long way towards enhancing your protection from threats to Android-powered devices. These include being prudent when installing apps, especially – but not only – from outside Google Play, watching out for permissions requested by apps, and having reputable mobile security software in place.


Source: HERE

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!