Google asks three mobile security firms to help scan Play Store apps

Google, ESET, Lookout, and Zimperium join to create App Defense Alliance.

Google announced today that it partnered with three private cyber-security firms -- ESET, Lookout, and Zimperium -- to start a new project called the App Defense Alliance.

The purpose of this new project, Google said, was to unify malware and threat detection engines and improve the security scans that Android apps go through before being published on the Play Store.

Currently, when an app developer creates and submits an Android app to be listed on the official Play Store, the app is scanned by Google employees with a system called Bouncer and another called Google Play Protect.

In the past, Google said that both systems have been able to detect thousands of malicious Android apps submitted to the Play Store.

However, while this system has been efficient, it hasn't been perfect, and many malicious apps have slipped through over the years, from banking trojans to ransomware strains.

Malware authors adapted, got sneakier

Over the past few years, Android malware authors have also adapted to counteract and negate Bouncer and Play Protect scans.

Malicious apps have had success reaching the official Play Store by using a multi-stage delivery system (malware droppers), where the actual malicious app is downloaded at a later point after the user has installed a seemingly innocent app.

A second method observed in the wild relies on something as simple as timers, where any malicious behavior is delayed by hours or days to prevent the malware from being detected while under testing at Google.

Using these simple techniques, malicious Android apps have been consistently slipping through Google's app scanning process.

Now, Google has taken the first step toward fixing the problem -- by admitting there is a problem, instead of staying silent and trying to fix it on its own.

"As part of this Alliance, we are integrating our Google Play Protect detection systems with each partner's scanning engines," said Dave Kleidermacher, VP, Android Security & Privacy, in a press release published today.

"This will generate new app risk intelligence as apps are being queued to publish," Kleidermacher said. "Partners will analyze that dataset and act as another, vital set of eyes prior to an app going live on the Play Store."

According to ESET security researcher Lukas Stefanko, in September 2019, 172 harmful apps were discovered on the official Play Store, with 335,952,400+ installs on user devices. Extrapolating those numbers to the full year, that's about 2,500 malicious apps and almost 3.8 billion malicious installs. These aren't numbers to be ignored.