Google has been desperately trying to end the nightmare of malware-filled apps entering its Android app store. Over the past year, the US technology firm has removed thousands of dangerous applications which were intent on wreaking havoc on smartphones and tablets.
Google recently confirmed its new Play Protect service has stopped over 790,000 policy-violating app submissions from being published on the Play Store. Additionally, the Mountain View company also declared its Play Protect initiative now scans over 100 billion apps every single day.
However, although this tough new crackdown has been welcomed it has also created a serious problem and it’s one every Android user needs to know about.
According to a recent report from RiskIQ, Google’s new security measures have meant a 76.4 percent reduction in blacklisted apps appearing on the Play Store.
These tough new blocks mean that those intent on stealing data and filling phones with irritating adware are now turning to other ways of getting their malware installed on devices.
RiskIQ says that with Google making things inhospitable for malicious apps, threat actors must turn elsewhere to turn a profit.
And to keep their apps appearing on phones many are now using unofficial stores which offer Android users an easy way to install applications for free.
In fact, there are now hundreds of stores across the world in which threat actors can comfortably sell their wares.
RiskIQ has found that some app stores are more dangerous than others and have a higher concentration of malicious apps.
In 2019, these were the stores from which you were most likely to download a malicious app: 9Game.com • Feral apps • VmallApps • Xiaomi • Zhushou
Many of these app stores offer tantalising reasons to visit them including offering services you can’t find on Google.
Like all most things in life … if it looks too good to be true it usually is and Android fans are being urged to be wary of these stores.
Speaking in its Threat Landscape Report, RiskIQ’s Jordan Herman, said: “Users should be discerning and skeptical when downloading anything and have passive protection such as legitimate antivirus software along with regular backups.
“Although they cannot make up for preventative measures such as checking permissions, anti-malware products provide some protection from malicious code.
“Luckily, some of these malicious lookalike apps are easy to spot. One potential giveaway is excessive permissions, where an app requests permissions that go beyond those required for its stated functionality.
Another is a suspicious developer name, especially if it does not match the developer name associated with other apps from the same organisation. User reviews and number of downloads, where present, also help to give some level of reassurance that the app is legitimate.”
Published at Tue, 03 Mar 2020 07:00:00 +0000