Google says it’s bolstered its defenses against Play Store malicious apps

The Google Play Store has gotten a bad reputation for being a hub to an exorbitant amount of malicious applications. As a journalist for TechGenix, I have lost count of how many times I have been forced to report on mass infections occurring on Android devices due to the Google Play Store. As a company, Google claims to have a strict vetting system, yet time and again these applications make their way onto victims’ devices.

It is this reputation that Google claims it is trying to change with new measures that, according to them at least, have had a decent amount of success. In a post on the Android Developers Blog Andrew Ahn, product manager at Google Play, talks extensively about the newest tactics that the Play Store have taken to stop the flood of infected applications. In the post, Ahn states that thanks to “a series of new policies to protect users” the “number of rejected app submissions increased by more than 55 percent,” and additionally Google increased “app suspensions by more than 66 percent.”

The new measures have multiple areas of focus that Andrew Ahn believes are most notable. Firstly there is a new policy related to SMS and Call Log permissions that only allow applications that have “been selected as the user’s default app for making calls or sending text messages.” If the application seeks call or text functions without user permission, the application is rejected by the Google Play Store.

Another implemented security tactic by Google that Ahn believes is responsible for the uptick in malicious applications being suspended or outright rejected is how repeat offenders are handled. According to the post, Google surmises that “over 80% of severe policy violations are conducted by repeat offenders and abusive developer networks.” They will often create alternate accounts and attempt to circumnavigate the ban that way. To prevent this, though specifics were not exactly given, Google apparently has “clustering and account matching technologies, and by combining these technologies with the expertise of our human reviewers” they found an increase in safety for users.

The final point that the post touches on is that, despite all of their new success against threat actors, Google understands that it is a constant battle. In Ahn’s own words he states that even though Google has “enhanced and added layers of defense against bad apps, we know bad actors will continue to try to evade our systems by changing their tactics and cloaking bad behaviors.”

Looking at the post, I cannot help but wonder what took Google so long to implement such measures in the first place. While it is better late than never, I am not entirely convinced yet that the Google Play Store is a safer environment for the long haul. The new measures may be effective now, but what will the company do when the next mass wave of malicious applications flood the Google Play Store? Will their reaction be as poor as it was in the past or have they finally learned their lesson?

Featured image: Flickr / Roman Boed

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

Forbes hit by Magecart payment card skimming attack

The cybercriminals behind the Magecart payment card skimming hacks are at it again, and this time the venerable publication Forbes…

7 hours ago

Top 10 IT infrastructure certifications that can supercharge your career

Certifications can be a career-booster for IT pros. These IT infrastructure certifications can ensure your success in a hot and…

9 hours ago

Need to know? Checking the last logon username and time

You may want to know the last logon username for your Windows client computer and production server. With PowerShell, get…

11 hours ago

Google Cloud, ServiceNow announce new integrations

A new partnership between Google Cloud and ServiceNow makes digital workflows faster and more efficient, especially for IT operations.

13 hours ago

Windows Terminal offers helpful features for command-line users

Get your geek on! A new Windows Terminal application for command-line users includes tons of new features requested by community…

1 day ago

It’s all in your hands: Devising a winning cybersecurity strategy

Developing a robust cybersecurity strategy is one of your most effective tools for preventing an attack. But how do you…

1 day ago