Cyber Security News

Google Blocked Malicious Sideloading Apps for Indian Users

Google has launched a pilot program to block malicious sideloading apps. This initiative is part of Google’s ongoing efforts to protect users from financial fraud and cybercrime, which have risen globally, particularly in India.

Cybercrime continues to be a significant concern in India, with consumers losing substantial amounts of money to fraudulent activities.

According to the Indian Cyber Crime Coordination Centre (I4C), in just the first four months of 2024, Indians reportedly lost over ₹1,750 crore (approximately USD 212 million) to cybercriminals.

This alarming figure underscores the need for enhanced protective measures to safeguard users from online threats.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

Google Play Protect: A Robust Security System

Android’s built-in security system, Google Play Protect, protects users from harmful apps. It scans over 200 billion apps daily, identifying and blocking potential threats.

Last year, Google introduced real-time scanning to protect users from malicious internet-sideloaded apps better. This feature has proven effective, identifying over 10 million malicious apps globally. 

The new pilot program will expand Google Play Protect’s capabilities by enhancing fraud protection for apps installed from internet-sideloading sources such as web browsers and messaging apps.

This initiative follows successful pilots in Singapore, Thailand, and Brazil, where nearly 900,000 high-risk installations were blocked in Singapore alone.

Enhanced Fraud Protection: How It Works

The enhanced fraud protection will automatically block the installation of apps requesting sensitive permissions frequently abused for financial fraud. These permissions include RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility services.

Enhanced proactive protection against apps used in fraud scams (source: google)

Google’s analysis revealed that over 95% of installations exploiting these permissions originated from internet-sideloading sources. 

Once the pilot begins next month in India, Play Protect will block any app installation from an internet-sideloading source declaring these permissions.

Users will receive an explanation regarding the block, helping them understand the potential risks involved.

The success of this initiative relies on collaboration with various stakeholders. Sugandh Saxena, CEO of the Fintech Association for Consumer Empowerment, emphasized the importance of safe digital platforms and praised Google’s efforts as a critical tool in combating financial crimes.

This collaborative approach aims to create a secure mobile experience for all Android users by working closely with governments, industry partners, and other stakeholders.

Preparing Developers for Change

Developers distributing apps that may be affected by this pilot are encouraged to review their app permissions and adhere to best practices for safeguarding user data.

Google has provided updated developer guidance to help address potential issues and offers instructions for filing appeals if necessary. 

As the pilot rolls out across Android devices with Google Play services in India next month, it marks a significant step forward in protecting users from financial fraud and enhancing overall digital security.

Upgrade Your Cybersecurity Skills With 100+ Premium Cyber Security Courses Online - Enroll Here

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Nearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi Networks

Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as "GruesomeLarch"…

1 day ago

240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft

Microsoft's Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by Egypt-based…

2 days ago

Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in Central…

2 days ago

Earth Kasha Upgraded Their Arsenal With New Tactics To Attack Organizations

Earth Kasha, a threat actor linked to APT10, has expanded its targeting scope to India,…

2 days ago

Raspberry Robin Employs TOR Network For C2 Servers Communication

Raspberry Robin, a stealthy malware discovered in 2021, leverages advanced obfuscation techniques to evade detection…

2 days ago

145,000 ICS Systems, Thousands of HMIs Exposed to Cyber Attacks

Critical infrastructure, the lifeblood of modern society, is under increasing threat as a new report…

2 days ago