Google set the record straight on Android security Tuesday, announcing that in 2017 it booted 700,000 apps from Google Play for violating marketplace policies.
In a blog post titled “How we fought bad apps and malicious developers in 2017,” Google outlined efforts made over the last 12 months to keep users safe.
“Last year we’ve more than halved the probability of a user installing a bad app, protecting people and their devices from harm’s way, and making Google Play a more challenging place for those who seek to abuse the app ecosystem for their own gain,” wrote Andrew Ahn, product manager at Google Play, in a blog post Tuesday.
Other data points include 99 percent of apps with “abusive contents” were singled out and rejected before a user could install them, Google said. Over 100,000 “bad developers” were removed from the Google marketplace, it added. Google also said it booted 70 percent more rogue apps in 2017 than in 2016.
Bad apps ranged from ones with inappropriate content, those identified as potentially harmful applications and others that were copycat apps that simply existed to trick users into downloading them with confusable icons similar to popular apps.
Some of those rogue apps included 22 Android flashlight and utility apps removed earlier this month that “generated illegal ad revenue.” In December, sixty “AdultSwine” apps were booted from Play that in some cases generated pornographic ads on apps aimed at children.
Many of Google’s security gains are attributed to a series of initiatives rolled out over the past year.
Last May, Google introduced Play Protect, a security feature that maintains some oversight on content downloaded to Android devices. For example, previously downloaded apps can be continually scanned for malicious behaviors as a counter to developers who push benign apps to Google Play that later connect and download malicious components. This also helps provide a line of defense against apps downloaded from third-party stores that aren’t subject to Google’s malware scanners. Google Play Protect is capable of scanning and verifying up to 50 billion apps on a daily basis.
Google Play Protect is also a cornerstone security measure in Android 8.0, known as Oreo, along with Project Treble, which is expected to go a long way toward improving the scattered patching and update process now hindering Android security.
More recently, in December Google announced plans to further crack down on unwanted and harmful Android apps as part of an expansion of its Google Safe Browsing mission. Starting at the end of January, Google said last month, it will begin delivering warnings to users of apps and websites deemed in violation of its policies.
“Despite the new and enhanced detection capabilities that led to a record-high takedowns of bad apps and malicious developers, we know a few still manage to evade and trick our layers of defense. We take these extremely seriously, and will continue to innovate our capabilities to better detect and protect against abusive apps and the malicious actors behind them,” Ahn wrote.
While many of Google’s security wins trace back to itself, the company has also placed an increased emphasis on rewarding external researchers for finding vulnerable apps on the Google Play marketplace. In October 2017, Google took the long-awaited step of instituting a public bug bounty focused on finding vulnerabilities in popular mobile apps housed on Google Play. The program compliments Google’s Android Security Rewards program, which began in 2015 and focused on Google’s Nexus and Pixel phones.
Source: threatpost.com