Google says it’s bolstered its defenses against Play Store malicious apps

The Google Play Store has gotten a bad reputation for being a hub to an exorbitant amount of malicious applications. As a journalist for TechGenix, I have lost count of how many times I have been forced to report on mass infections occurring on Android devices due to the Google Play Store. As a company, Google claims to have a strict vetting system, yet time and again these applications make their way onto victims’ devices.

It is this reputation that Google claims it is trying to change with new measures that, according to them at least, have had a decent amount of success. In a post on the Android Developers Blog Andrew Ahn, product manager at Google Play, talks extensively about the newest tactics that the Play Store have taken to stop the flood of infected applications. In the post, Ahn states that thanks to “a series of new policies to protect users” the “number of rejected app submissions increased by more than 55 percent,” and additionally Google increased “app suspensions by more than 66 percent.”

The new measures have multiple areas of focus that Andrew Ahn believes are most notable. Firstly there is a new policy related to SMS and Call Log permissions that only allow applications that have “been selected as the user’s default app for making calls or sending text messages.” If the application seeks call or text functions without user permission, the application is rejected by the Google Play Store.

Another implemented security tactic by Google that Ahn believes is responsible for the uptick in malicious applications being suspended or outright rejected is how repeat offenders are handled. According to the post, Google surmises that “over 80% of severe policy violations are conducted by repeat offenders and abusive developer networks.” They will often create alternate accounts and attempt to circumnavigate the ban that way. To prevent this, though specifics were not exactly given, Google apparently has “clustering and account matching technologies, and by combining these technologies with the expertise of our human reviewers” they found an increase in safety for users.

The final point that the post touches on is that, despite all of their new success against threat actors, Google understands that it is a constant battle. In Ahn’s own words he states that even though Google has “enhanced and added layers of defense against bad apps, we know bad actors will continue to try to evade our systems by changing their tactics and cloaking bad behaviors.”

Looking at the post, I cannot help but wonder what took Google so long to implement such measures in the first place. While it is better late than never, I am not entirely convinced yet that the Google Play Store is a safer environment for the long haul. The new measures may be effective now, but what will the company do when the next mass wave of malicious applications flood the Google Play Store? Will their reaction be as poor as it was in the past or have they finally learned their lesson?

Featured image: Flickr / Roman Boed

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

Making an IT investment in your SMB? This definitive guide is for you

Planning to make an IT investment in your small or medium-sized business? It is imperative that you spend your money…

2 days ago

Kubernetes service mesh market is a lot more than Istio

Adopting a service mesh is no longer a trend, it’s a necessity. A healthy sign of this is that Istio…

2 days ago

10 biggest 2018 data breaches — and what they mean for 2019

Ransomware and malware attacks hit big victims last year. This look at the biggest 2018 data breaches will keep us…

2 days ago

Xtreme Podcast: Is there still an ‘I’ in innovation?

In this week’s Xtreme Podcast: Where are the next tech innovations coming from? Also, business taglines can be funny; cyber…

2 days ago

New System Center 2019 focuses on datacenters, security, hybrid cloud

The brand-new Microsoft System Center 2019 allows users to deploy and manage Windows Server 2019 and is perfect for those…

3 days ago

Aluminum giant Norsk Hydro experiences serious ransomware attack

Aluminum producing giant Norsk Hydro is dealing with major disruptions in production and falling share price in the wake of…

3 days ago