Is the Google Play Store Safe? Not Yet.

By : Krishna Anindyo | Tuesday, February 25 2020 - 13:05 IWST

Google Play Store (Images by Brands of the World)
Google Play Store (Images by Brands of the World)

INDUSTRY.co.id - Over recent years, there has been a lot of activity on Google’s part to improve the security of its Google Play app store. Why? Because millions of users have inadvertently downloaded thousands of malicious applications from the store which have compromised their data including SMS, credentials, photos, calendars appointments, and emails.

For example, in March 2019, the ‘SimBad’ adware was found in over 200 apps on the store, with a combined download count of nearly 150 million.  

Since the formal formation of the alliance, over 5.2 million installations of malicious apps took place, spanning dozens of different campaigns of four different types of malware. These malware families have a range of capabilities from the ability to steal all information from the device, to taking over the device by popping up advertisements or overlay windows as a form of a phishing attack.

These apps also use a variety of techniques to avoid detection by the alliance’s security teams, including code obfuscation and delayed downloads of malicious payloads. 

One of these campaigns has been uncovered by Check Point researchers. The Haken malware family was installed on over 50,000 Android devices by eight different malicious apps which all appeared to be benign. The apps were mostly camera utilities and children’s games  the apps were Kids Colouring, Compass, QR code, Fruits colouring book, soccer colouring book, fruit jump tower, ball number shooter & Inongdan.

The malware is classified as a “clicker” because of its ability to take control of the user device and click on anything that may appear on the device’s screen. It is important to note that malware can access any type of data, so anything visible on-screen is fair game Hello, work emails!, and any locally stored data.

The impact on users is two-fold:  it can sign them up for premium subscription services without the user realising, earning money illegally for the people behind the app. It could also exfiltrate sensitive data from the user’s device. The good news is, these rogue applications have all been removed from Google Play.

But this does highlight that despite ongoing efforts to secure the Google Play Store against malicious apps, completely eliminating the risk of users getting a malicious download from the store is not going to happen quickly. There are nearly 3 million apps available from the store, with hundreds of new apps being uploaded daily – which makes it difficult to check every single app is safe.

Some app developers have devised ingenious methods to conceal their apps' true intent from Google’s scrutiny. Coupled with a fragmented Android ecosystem, in which a large number of device manufacturers infrequently offer critical OS updates, users cannot rely on Google Play’s security measures alone to ensure their devices are protected. 

They need to deploy security software to ward off malware and other threats, and protect the corporate and personal data on those devices. The security solution has to truly understand malicious behaviour which means it must use numerous advanced techniques that go beyond just signatures or machine-learning based on static indicators.

News Comment

Today's Industry

Paul Martinkovic, JERDE Chief Executive Officer, Named One of Los Angeles’ Most Influential People by the LA Business Journal

Rabu, 03 Juni 2020 - 15:30 WIB

JERDE CEO Paul Martinkovic Named One of Los Angeles’ Most Influential People by the LA Business Journal

Paul Martinkovic, Chief Executive Officer of JERDE (The Jerde Partnership), an iconic and internationally renowned architecture and urban planning studio headquartered in Downtown Los Angeles,…

FeedsFloor

Kamis, 28 Mei 2020 - 16:15 WIB

PATA and FeedsFloor Sign Organisational Partnership

The Pacific Asia Travel Association (PATA) is pleased to announce a new organisational partnership with FeedsFloor, a digital platform that enables clients to create and manage various event-related…

Veolia Water Technologies

Kamis, 28 Mei 2020 - 15:45 WIB

Veolia Water Technologies & Urban Utilities to Install Asia Pacific’s First Full-Scale Sidestream Mox Treatment Plant

Veolia Water Technologies and Urban Utilities are working to install Asia Pacific’s first full-scale sidestream ANITA Mox treatment plant this year. A first-of-its-kind in Australia, this…

HackerOne (Images by Tekno Tempo.co)

Kamis, 28 Mei 2020 - 15:15 WIB

The Global Community of Hackers Uncovered 170,000 Vulnerabilities

A bounty — or bug bounty — is a monetary award given to a hacker who finds and reports a valid security weakness to an organisation so it can be safely resolved. With nearly half of bounty…

HIMA (Photo by Rail Solutions Asia 2019 - German Pavilion)

Kamis, 28 Mei 2020 - 14:29 WIB

How to Keep Your Plant Running

Even with minimum internal staffing levels, plants can operate safely. The number of employees required onsite at any one time depends, of course, on the size and complexity of the plant. Even…