Android and Malware
When compared to Apple’s App Store, Google Play’s track record with malware is not too good. Why is this so? Well, Google and Apple have very different strategies. Apple operates within a tightly-controlled system where developers must pass Apple’s strict requirements.
Unlike Apple, Google attempts to keep the installation approach as open as possible. With Android, you are able to conveniently install apps through multiple means, which include Google Play, non-Android stores, and sideloading. There’s hardly any red tape a developer must encounter when compared to Apple, and consequently, this is how the bad guys submit their malicious apps.
Google Play Bouncer
What is Google doing about this issue? In February 2012, Google launched an Android security feature called Bouncer. Bouncer scans Google Play for malware and eliminates malicious apps before they reach our Android devices. Sounds good, right? But just how effective is this security feature?
Security experts are not too impressed with Bouncer as they have found flaws within the system. An attacker can disguise an app from being malicious, while Bouncer is running, and deploy the malware on a user’s device. That doesn’t sound as good.
Google is Not Done Fighting the Baddies
While Bouncer can be compromised, Google is looking at other solutions to fight off malware. According to Sophos and Android Police, Google Play may be deploying a built-in malware scanner. This will enable Google Play to perform real-time malware scans on your Android device.
This has not been confirmed and whether Google will launch a built-in scanner within Google Play remains to be seen. However, I believe this is a good thing. If Google moves forward with this new security initiative, it will give Android users the peace of mind they deserve when downloading apps.
How To Stay Safe from Malware
In the meanwhile, you can take the following preventive measures for installing infected apps:
- Only download from a reputable app store, such as Google Play or Amazon Appstore.
- Glance at app reviews -- people will often rate an infected app poorly and will usually warn others through the app reviews.
- Avoid downloading unofficial apps -- it's always safer to install official apps from an official app store.
- Use strong antivirus protection such as Lookout Mobile Security, AVG, and Norton.