If you own an Android smartphone, the place you go to get your apps is probably the Google Play Store. It’s the most secure and convenient, and you can generally count on Google Play Protect to make sure that the apps you download are safe and won’t harvest your data or hijack your smartphone. However, this is not quite the whole picture.
If you have been following Android for a long time, you have probably read the reports that come out every few months about how two heavily downloaded apps are detected that contain malware. While it’s not usually the most popular app that succeeds in taking care of malware on your smartphone in particular, it’s a problem that users should beware of downloading apps that aren’t very popular.
Recently, a report from a Russian cyber security company Kaspersky‘s Safe list View a breakdown of the cost of running different types of malware in the Play Store. For example, it costs between $2,000 and $20,000 to pay for a “loader” that injects an already existing app with malicious code while bypassing Google Play Protect. These apps are usually available on Google Play Store with 5000 or more downloads and pose no threat until future update. So while Google promises security, you still need to be careful even when using the official Android app store.
The Google Play Store malware industry is a profitable industry
Given the amount of money that can be made from malware distributed on the Google Play Store, it’s no wonder that there are so many trying to game the system. Play Protect can only do so much, and Play Protect simply seems to be much better at recognizing it a favour Attacks instead of new attacks. like Safe list It is noted that many of these attackers specifically advertise that they can bypass Google Play Protect.
The biggest problem comes from the fact that no app is really safe. Technically, anyone can buy any app they’re looking to load their malicious code into. At this point, the developer will then push an update to end users who inadvertently install it and put their security at risk. This is probably why major apps with more than 1 million downloads are not detected; They weren’t harmful as they grew.
This means that there is a fundamental flaw in the Google Play Store that malicious actors can abuse to buy an already thriving malware distribution app. Google puts a lot of faith in Play Protect to help users, and while it appears to be doing a lot of good work, the fact that attackers can sell products that bypass it as a security mechanism shows that it’s not as robust as it might seem from the outside.
The best defense is to limit the apps you install
Given how any app can be a potential attack vector, the best (and only) defense you can really count on is not to install too many apps. The fewer apps you have installed, the less likely it is that an installed app will be updated with malicious code. For what it’s worth, most apps that are updated will require additional permissions to become malicious, as well Safe list Notes, some of them may try to convince you to install another app to give these additional permissions. This means that they are easy to spot, but you have to keep an eye on them anyway.
Most importantly, install apps from developers you can trust. Smaller, less well-known developers are more likely to want to sell their apps to potential attackers, while established developers will be more trustworthy. This doesn’t mean the opposite can’t happen, but it is a game of probability, and there are little moves you can take that are surefire ways to protect yourself.
It’s clear that Google needs to take more steps to protect its users.
You can also select a file Species of the apps you install too. Safe list He notes that “cryptocurrency trackers, financial apps, QR code scanners, and even dating apps” are the most egregious offenders. Most phones have a QR code scanner built into the camera now, and if you don’t have it, Google Lens (pre-installed) supports QR code scanning. For cryptocurrency trackers, there are plenty of web-based alternatives that don’t require an app.
However, shifting care to the user end can only go so far, and Google clearly needs to take more steps to protect users. Annual Android updates like Android 14 often come with security updates. The latest iteration, specifically, mandates that applications use the newer API levels so that they cannot exploit vulnerabilities affecting earlier ones. Google Play Protect will be an essential part of the defense even though not every phone gets an update to the latest Android version. If you can, keep them up to date.
[ad_2]
