Despite Google’s “Bouncer,” malware is still a threat on Android
It’s an important move as Google does not review apps before appear in the store unlike Apple. Because the barrier to entry is so low, that sometimes means consumers unwittingly install malware on their phones.
The program, codenamed Bouncer, scans apps after they have been uploaded to the market, meaning developers still won’t have to go through an approval process to get their apps listed.
According to a blog post from Hiroshi Lockheimer, Google’s vice president of engineering for Android, Bouncer scans both new and existing applications for known malware, spyware, trojans and for behaviors that could indicate hidden malicious behavior. Google also analyzes new developer accounts to ensure that repeat offenders are prevented from uploading malicious apps.
Google revealed that Bouncer has been scanning the Android market for some time, reporting that “between the first and second halves of 2011, we saw a 40 percent decrease in the number of potentially-malicious downloads from Android Market.”
However, while Google is reporting downloads of malicious apps are decreasing, third-party analysts have found the amount of malware in the Android market is increasing as the platform’s larger reach makes it a more enticing target for unscrupulous developers. in November, the Juniper Global Threat Center reported it had seen a 472 percent increase in Android malware samples since July 2011 and in December Lookout reported it had found more than 1000 infected apps in the Android market — double the amount it detected in six months ago.
In January, AhnLab researcher JungSin Lee pegged Android as the OS under the most threat from malware due to its lack of a proactive screening policy. While Bouncer helps to address these concerns, the Android market has still had some recent, high-profile security incidents.
In November, a number of fake apps pretending to be popular games such as Angry Birds and Tiny Wings were removed from the store after customers complained they had bought the apps and they did not work. A month later Google had to remove 22 more apps from the Android market for SMS fraud.
Fighting malware can be like running faster just to stay in the same place. If Google adds one security measure, hackers eventually find another loophole. But Google is familiar with this dynamic, as it has had to battle search spam and black hat SEO (search engine optimization) for more than a decade.
There are currently more than 400,000 apps on the Android market.