Saturday, May 25, 2024

Google Blocks 2.28M Malicious Apps Entering The Play Store

A safe and trusted Google Play experience is our top priority.

We leverage our SAFE (see below) principles to provide the framework to create that experience for both users and developers. Here’s what these principles mean in practice:

  • (S)afeguard our Users. Help them discover quality apps that they can trust.
  • (A)dvocate for Developer Protection. Build platform safeguards to enable developers to focus on growth.
  • (F)oster Responsible Innovation. Thoughtfully unlock value for all without compromising on user safety.
  • (E)volve Platform Defenses. Stay ahead of emerging threats by evolving our policies, tools and technology.

With those principles in mind, we’ve made recent improvements and introduced new measures to keep Google Play’s users safe, even as the threat landscape evolves.

In 2023, we prevented 2.28 million policy-violating apps from being published on Google Play in part thanks to our investment in new and improved security features, policy updates, and advanced machine learning and app review processes.

We have also strengthened our developer onboarding and review processes, requiring more identity information when developers first establish their Play accounts.

Together with investments in our review tooling and processes, we identified bad actors and fraud rings more effectively and banned 333K bad accounts from Play for violations like confirmed malware and repeated severe policy violations.


Additionally, almost 200K app submissions were rejected or remediated to ensure proper use of sensitive permissions such as background location or SMS access.

To help safeguard user privacy at scale, we partnered with SDK providers to limit sensitive data access and sharing, enhancing the privacy posture for over 31 SDKs impacting 790K+ apps.

We also significantly expanded the Google Play SDK Index, which now covers the SDKs used in almost 6 million apps across the Android ecosystem.

This valuable resource helps developers make better SDK choices, boosts app quality, and minimizes integration risks.

Protecting The Android Ecosystem

Building on our success with the App Defense Alliance (ADA), we partnered with Microsoft and Meta as steering committee members in the newly restructured ADA under the Joint Development Foundation, part of the Linux Foundation family.

The Alliance will support industry-wide adoption of app security best practices and guidelines, as well as countermeasures against emerging security risks.

Additionally, we announced new Play Store transparency labeling to highlight VPN apps that have completed an independent security review through App Defense Alliance’s Mobile App Security Assessment (MASA).

When a user searches for VPN apps, they will now see a banner at the top of Google Play that educates them about the “Independent security review” badge in the Data safety section.

This helps users see at a glance that a developer has prioritized security and privacy best practices and is committed to user safety.

To better protect our customers who install apps outside of the Play Store, we made Google Play Protect’s security capabilities even more powerful with real-time scanning at the code level to combat novel malicious apps.

Our security protections and machine learning algorithms learn from each app submitted to Google for review, and we look at thousands of signals and compare app behavior.

This new capability has already detected over 5 million new malicious off-Play apps, which helps protect Android users worldwide.

More Stringent Developer Requirements And Guidelines

Last year, we updated Play policies around Generative AI apps, disruptive notifications, and expanded privacy protections.

We are also raising the bar for new personal developer accounts by requiring new testing before developers can make their apps available on Google Play.

By testing their apps, getting feedback, and ensuring everything is ready before they launch, developers can bring more high-quality content to Play users.

We’ve introduced expanded developer verification requirements to increase trust and transparency, including D-U-N-S numbers for organizations and a new “About the developer” section.

To give users more control over their data, apps that enable account creation now need to provide an option to initiate account and data deletion from within the app and online.

This web requirement is essential so that a user can request account and data deletion without reinstalling an app.

We have also incorporated this feature into the Data safety section of the Play Store to simplify the user experience.

With each iteration of the Android operating system (including its robust set of APIs), myriad enhancements are introduced, aiming to elevate the user experience, bolster security protocols, and optimize the overall performance of the Android platform.

To further safeguard our customers, approximately 1.5 million applications that do not target the most recent APIs are no longer available in the Play Store to new users who have updated their devices to the latest Android version.

Looking Ahead

Protecting users and developers on Google Play is paramount and ever-evolving. In 2024, we’ll launch new security initiatives, including removing apps from Play that are not transparent about their privacy practices.

We also recently filed a lawsuit in federal court against two fraudsters who made multiple misrepresentations to upload fraudulent investment and crypto exchange apps on Play to scam users.

This lawsuit is a critical step in holding these bad actors accountable and sending a clear message that we will aggressively pursue those who seek to take advantage of our users.

We’re constantly working on new ways to protect your experience on Google Play and across the entire Android ecosystem, and we look forward to sharing more.



Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
