Google revealed that its improved security features and app review processes have helped it block 1.43 million bad apps from being published on the Play Store by 2022.
In addition, the company said it banned 173,000 bad accounts and defended more than $2 billion in fraudulent and abusive transactions through developer-directed features like the Voided Purchases API, Obfuscated Account ID and API of Play integrity.
The addition of identity verification methods such as phone number and email address to join Google Play contributed to a reduction in accounts used to publish apps that violate its policies, point to Google
The search giant further said it “prevented around 500,000 shipped apps from unnecessarily accessing sensitive permissions over the past 3 years.”
“In 2022, the app security enhancements program helped developers patch ~500,000 security vulnerabilities affecting ~300,000 apps with a combined install base of approximately 250,000 installs” , he pointed out.
Instead, Google blocked 1.2 million policy-violating apps from being published and banned 190,000 bad accounts in 2021.
The development comes weeks after Google enacted a new data deletion policy that requires app developers to offer an “easily discoverable option” to users both within and outside of an app.
Despite these efforts by Google, cybercriminals continue to find ways to bypass the app store’s security protections and publish malicious apps and adware.
For example, McAfee’s mobile research team discovered 38 games disguised as Minecraft and which have been installed by no less than 35 million users worldwide, mainly in the United States, Canada, South Korea and Brazil.
These gaming apps, while offering the promised functionality, have been found to embed the HiddenAds malware to stealthily load ads in the background to generate illicit revenue for their operators.
Some of the most downloaded apps are:
- Block Box Master Diamond (com.good.robo.game.builder.craft.block)
- Craft Sword Mini Fun (com.craft.world.fairy.fun.everyday.block)
- Block Box Skyland Sword (com.skyland.pet.realm.block.rain.craft)
- Craft Monster Crazy Sword (com.skyland.fun.block.game.monster.craft)
- Block Pro Forrest Diamond (com.monster.craft.block.fun.robo.fairy)
“One of the most accessible content for young people using mobile devices is games,” said McAfee. “Malware authors are also aware of this and try to hide their malicious functions within games.”
Complicating the problem is the rise of Android banking malware that threat actors can use as a weapon to gain access to victims’ devices and collect personal information.
Another emerging trend is the use of bridging services to trojanize legitimate apps and hide a malicious APK payload. This technique has been adopted by bad actors to distribute an Android botnet called DAAM, Cyble said.
The malware, once installed, establishes connections to a remote server to perform a wide range of nefarious actions, including acting as ransomware, encrypting files stored on devices using a password retrieved from server
DAAM also abuses Android accessibility services to monitor user activity, allowing it to record keystrokes, record VoIP calls from instant messaging applications, collect browser history, call logs , photos, screenshots and SMS messages, execute arbitrary code and open phishing URLs. .
“Malware authors often use genuine applications to distribute malicious code to avoid suspicion,” the cybersecurity firm said in an analysis published last month.
The findings also follow an advisory from CloudSEK, which discovered that several popular Android apps such as Canva, LinkedIn, Strava, Telegram and WhatsApp do not invalidate or revalidate session cookies after app data is transferred from ‘one device to another.
Although this attack scenario requires an adversary to have physical access to a target’s phone, it could allow account hijacking and unauthorized access to sensitive data.
To mitigate these threats, it’s recommended to enable two-factor authentication (2FA) to add an extra layer of account protection, examine app permissions, protect devices with a password, and avoid leaving them unattended in public places .
Google recently announced that it blocked 1.43 million malicious apps and banned 73,000 bad accounts in 2022 as part of its ongoing effort to keep its users safe. The move came as Google continues to make strides in its commitment to providing best-in-class security and privacy protection for its users.
Our team at Ikaroa is fully supportive and applauds Google’s efforts in protecting its users from the potential dangers of malicious apps and threats. Google’s effort to stay one step ahead of malicious actors will help to keep its users safe and the digital environment secure.
Ikaroa takes security and privacy of its users very seriously and continuously strives to ensure that we are taking all the necessary steps to protect our users from malicious activity. We have put in place a robust security system, as well as regularly performing routine malware scans and applying the latest patches to our products.
This announcement from Google is a clear indication of their commitment to ensuring customer safety and security. As technology advances and the digital world expands, the importance of security and the protection of user information is paramount. At Ikaroa, we recognize the importance of this and will continue working to ensure users remain secure and protected.