Google Bouncer Takes On Malicious Android Apps

Google is improving its security measures on Android Market after placing Bouncer on the door, to prevent the entry of undesirable apps.

Bouncer has been monitoring the Android Market for several months already, and Google claims it has seen a 40 percent drop in malicious apps between the first half and second half of 2011, Hiroshi Lockheimer, vice president of engineering for Google’s Android group, wrote on the Google Mobile blog 2 February.

The service automatically scans Android Market for potentially malicious software without requiring developers to go through an application approval process.

Hands-Off Approach

Google has been criticised by many security experts for not subjecting apps submitted to the Android Market to the kind of rigorous screening process that Apple does for iOS apps prior to listing them on the App Store. Google has positioned the Android Market as an open platform and has traditionally taken a hands-off approach.

“It’s not possible to prevent bad people from building malware,” Lockheimer wrote. Instead, Google is focusing on whether those bad apps are being installed and “we know the rate is declining significantly.”

Bouncer scans both new and existing apps for known malware, spyware and Trojans that could steal user data or access unauthorised features. It also analyses new developer accounts to keep out developers who have been already kicked out of the marketplace or have a history of trying to distribute questionable apps.

Bouncer runs all the apps virtually on Google’s cloud infrastructure to examine how they would run on a physical device. The simulation allows Google to examine hidden behaviour that can be malicious that wasn’t evident during the initial scan. If new attack methods or techniques are found, Bouncer rescans all the apps to see if they are present in other apps. Bouncer is getting better at detecting and eliminating malware every day, Lockheimer said.

Android Market was shaken by the discovery of malicious apps multiple times last year, and Google famously lashed out at the security companies for scaremongering and exaggerating the threat.

“The drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise,” Lockheimer wrote.

Malicious Downloads

Lookout Mobile Security, a mobile security company that sells protection software for Android devices, estimated in a recent report that more than $1 million (£632,000) had been stolen from Android users in 2011 as a result of malicious software downloads. The figure could rise, the company said. Juniper Networks found in its own reports that the number of malicious Android apps had quintupled in four months.

Google yanked apps from Android Market and took the unprecedented step of remotely removing them from user devices last year after the DroidDream malware first surfaced. More infected apps with DroidDream variants were removed over the summer.

However, whether an app is malicious or not is not really clear-cut. Just last week, Symantec identified 13 apps as being malicious because they could push data from a remote server onto user devices and perform other “suspicious” activities. Lookout criticised the announcement, saying Android CounterClank was just an aggressive form of advertising network and, while annoying, was not yet dangerous.

“No security approach is foolproof, and added scrutiny can often lead to important improvements,” Lockheimer said.

Fahmida Y Rashid eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.

Share
Published by
Fahmida Y Rashid eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

13 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

16 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

17 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

18 hours ago