Thursday, December 12, 2024
HomeCyber Security NewsGoogle Blocked Malicious Sideloading Apps for Indian Users

Google Blocked Malicious Sideloading Apps for Indian Users

Published on

SIEM as a Service

Google has launched a pilot program to block malicious sideloading apps. This initiative is part of Google’s ongoing efforts to protect users from financial fraud and cybercrime, which have risen globally, particularly in India.

Cybercrime continues to be a significant concern in India, with consumers losing substantial amounts of money to fraudulent activities.

According to the Indian Cyber Crime Coordination Centre (I4C), in just the first four months of 2024, Indians reportedly lost over ₹1,750 crore (approximately USD 212 million) to cybercriminals.

- Advertisement - SIEM as a Service

This alarming figure underscores the need for enhanced protective measures to safeguard users from online threats.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

Google Play Protect: A Robust Security System

Android’s built-in security system, Google Play Protect, protects users from harmful apps. It scans over 200 billion apps daily, identifying and blocking potential threats.

Last year, Google introduced real-time scanning to protect users from malicious internet-sideloaded apps better. This feature has proven effective, identifying over 10 million malicious apps globally. 

The new pilot program will expand Google Play Protect’s capabilities by enhancing fraud protection for apps installed from internet-sideloading sources such as web browsers and messaging apps.

This initiative follows successful pilots in Singapore, Thailand, and Brazil, where nearly 900,000 high-risk installations were blocked in Singapore alone.

Enhanced Fraud Protection: How It Works

The enhanced fraud protection will automatically block the installation of apps requesting sensitive permissions frequently abused for financial fraud. These permissions include RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility services.

Enhanced proactive protection against apps used in fraud scams
Enhanced proactive protection against apps used in fraud scams (source: google)

Google’s analysis revealed that over 95% of installations exploiting these permissions originated from internet-sideloading sources. 

Once the pilot begins next month in India, Play Protect will block any app installation from an internet-sideloading source declaring these permissions.

Users will receive an explanation regarding the block, helping them understand the potential risks involved.

The success of this initiative relies on collaboration with various stakeholders. Sugandh Saxena, CEO of the Fintech Association for Consumer Empowerment, emphasized the importance of safe digital platforms and praised Google’s efforts as a critical tool in combating financial crimes.

This collaborative approach aims to create a secure mobile experience for all Android users by working closely with governments, industry partners, and other stakeholders.

Preparing Developers for Change

Developers distributing apps that may be affected by this pilot are encouraged to review their app permissions and adhere to best practices for safeguarding user data.

Google has provided updated developer guidance to help address potential issues and offers instructions for filing appeals if necessary. 

As the pilot rolls out across Android devices with Google Play services in India next month, it marks a significant step forward in protecting users from financial fraud and enhancing overall digital security.

Upgrade Your Cybersecurity Skills With 100+ Premium Cyber Security Courses Online - Enroll Here

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Resecurity introduces Government Security Operations Center (GSOC) at NATO Edge 2024

Resecurity, a global leader in cybersecurity solutions, unveiled its advanced Government Security Operations Center...

Reserachers Uncovered Zloader DNS Tunneling Tactics For Stealthy C2 Communication

Zloader, a sophisticated Trojan, has recently evolved with features that enhance its stealth and...

US Charged Chinese Hackers for Exploiting Thousands of Firewall

The US Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned Sichuan Silence...

DMD Diamond Launches Open Beta for v4 Blockchain Ahead of 2025 Mainnet

DMD Diamond - one of the oldest blockchain projects in the space has announced the...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Reserachers Uncovered Zloader DNS Tunneling Tactics For Stealthy C2 Communication

Zloader, a sophisticated Trojan, has recently evolved with features that enhance its stealth and...

US Charged Chinese Hackers for Exploiting Thousands of Firewall

The US Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned Sichuan Silence...

DMD Diamond Launches Open Beta for v4 Blockchain Ahead of 2025 Mainnet

DMD Diamond - one of the oldest blockchain projects in the space has announced the...