Malware scanning service in the Android Market

ID: IRCNE2012021391
Date: 2012-02-04

According to CNET, Google has added an automated scanning process designed to keep malicious apps out of the Android Market, the company announced today.
The new service, code-named "Bouncer," scans apps for known malware, spyware, and Trojans, looks for suspicious behaviors, and compares them against previously analyzed apps, Hiroshi Lockheimer, vice president of engineering on the Android team, said in an interview with CNET this morning.
Every app is then run on Google's cloud infrastructure to simulate how the software would operate on an Android device, he said. Existing apps are continuously analyzed, too.
"The system takes an app that's been uploaded and runs it in the cloud and monitors what the app is doing in a virtual environment, if you will," Lockheimer said.
If malicious code or behavior is detected, the app is flagged for manual confirmation that it is malware. An app can be blocked from being uploaded if it is blatantly malicious, or it will be removed quickly afterward if the scanning process flags it. "It won't get uploaded at all if it is an instance of known malware," Lockheimer said.
Unlike Apple, which vets every iPhone app before it hits the iTunes Marketplace, Google does not require pre-approval for Android apps. Instead, it does the screening of the apps behind the scenes when the developers upload them to the Android Market.
Google also is analyzing new developer accounts to "prevent malicious and repeat-offending developers from coming back," the company says in a blog post today.
Google has been quietly testing Bouncer for a "number of months," long enough to see an impact, Lockheimer said. Between the first and second half of 2011 there was a 40 percent decline in the number of downloads of potentially malicious apps, the company said.
Lockheimer said he could not say how many malicious apps had been blocked or removed from the market as a result of the scanning.
Mobile security firm Lookout found that there were about 1,000 malicious Android apps last year, but the vast majority were on unofficial, third-party sites where anything goes. Some malicious apps have nonetheless made it to the Android Market.
It's likely Bouncer will flag apps that may not technically be considered malware but are designed to perpetrate fraud against the consumer. This would include situations such as the nearly 30 fraud-related apps Google pulled from the market in December that were found to be charging premium SMS toll rates on European phones without the user's knowledge.

Related Links:
Google pulls 'official' Siri app from Android Market
Google removes fraudulent apps from Android Market
