All apps on Google Play are safe: Fact or fiction?

[harlan4096]

We always recommend downloading Android apps from official stores and nowhere else. But that doesn’t mean there are no viruses in the Google Play. It is true, however, that you’ll find fewer of them in the official store than on third-party sites, and they get removed on a regular basis.

How Google monitors the security of Android apps

It is no mean feat for malware to get into Google Play. Before they publish an app, moderators check it for compliance with an extensive list of requirements. If they find a violation, they ban the program from the store.

However, Google Play receives such a vast number of new apps and updates of existing ones that it is simply not possible for the moderators to keep track of everything. So from time to time, malicious apps do slip in. Here are some of the most striking incidents.

Dual-purpose scanner

Recently, our researchers detected malicious code in the CamScanner app for digitizing documents. Not only was the app available on Google Play, but according to the store it was installed by more than 100 million users.

What went wrong? Well, up until a certain point, CamScanner was a normal app that simply carried out its stated functions. Its developers derived income from advertising and paid features — nothing unusual so far. But that changed when a malicious feature was added to the app.

Malware in the shape of the Necro.n Trojan dropper snuck into one of the advertising modules and installed another Trojan tasked with downloading other muck onto the device — for example, advertising apps and programs taking out paid subscriptions to third-party services behind the user’s back.

Our experts reported the find to Google, whose administrators removed the app from the store. CamScanner’s developers also promptly removed the malicious modules from the app to get it back into the store. However, the infected version had been available for download for quite some time.
...

Continue Reading