Google booted 100,000 malicious developers from Google Play

Cyber Chief Magazine brings you the tactics to uncover and neutralize the insider threat

New malware and unwanted apps are discovered on Google Play nearly every day – or so it seems.

malicious developers Google Play

According to Google’s statistics, in 2017 the company has taken down more than 700,000 apps that violated the Google Play policies: copycat apps, apps showing inappropriate content, and outright malware (apps that conduct SMS fraud, act as trojans, or phishing user’s information).

The number might seem small to some and significant to others, but it is definitely larger – by 70 percent – than the number of apps taken down in 2016.

Google Play product manager Andrew Ahn says that the company is also becoming more successful at identifying and acting against bad apps earlier (usually within one day of their appearance on the app store) and that 99% of apps with abusive contents were identified and rejected before anyone could install them.

He credits Google’s use of new machine learning models and techniques for the improvement in bad app detection, as well as Google’s introduction of Google Play Protect.

The latter is a security suite for Android devices that, among other things, scans and verifies apps users want to download from Google Play (before they download them), and periodically scans the device for already installed potentially malicious apps.

“We’ve also developed new detection models and techniques that can identify repeat offenders and abusive developer networks at scale. This resulted in taking down of 100,000 bad developers in 2017, and made it more difficult for bad actors to create new accounts and attempt to publish yet another set of bad apps,” he boasted.

Future efforts

Still, despite all the new and enhanced detection capabilities, Google knows some bad apps and developers manage to evade their defenses, and that the effort to keep them out has to be sustained and has to involve innovative measures.

Perhaps they should take into consideration some of the defensive measures proposed by other infosec experts?

Ultimately, there is no way that Google will ever be able to detect and block all malicious apps from Google Play, so a certain level failure tolerance from users is a must.

Using your own powers of observation and deduction when evaluating each offering you consider installing is still an excellent way to spot and avoid potentially unwanted apps.