The removal of over 700,000 malicious apps from the Google Play Store in 2017 was led by Google’s various safeguards that are designed to prevent malicious apps from reaching Android users. Google’s Product Manager, Andrew Ahn, stated in a blog post, “Not only did we remove more bad apps, we were able to identify and action against them earlier. In fact, 99% of apps with abusive contents were identified and rejected before anyone could install them. This was possible through significant improvements in our ability to detect abuse – such as impersonation, inappropriate content, or malware – through new machine learning models and techniques”. Google accords this success so that it can improve the ability to detect abuse using “new machine learning models and techniques.
Despite the removal of 700,000 malicious apps, copycat apps still remain to be a significant problem. These kinds of apps are designed to imitate popular apps and unfortunately, a lot of users are still tricked into installing them. Although already removed over a quarter of a million of these imitating apps last year. In addition, Google also stated that it managed to keep “tens of thousands” of apps that contain inappropriate content such as pornography, extreme violence, hate and other illegal activities out of Google Play Store.
“Attempting to deceive users by impersonating famous apps is one of the most common violations. Famous titles get a lot of search traffic for particular keywords, so the bad actors try to amass installs leveraging such traffic. They do this by trying to sneak in impersonating apps to the Play Store through deceptive methods such as using confusable Unicode characters or hiding impersonating app icons in a different locale. In 2017, we took down more than a quarter of a million of impersonating apps,” Ahn stated in a blog post.
He also added that “Potentially harmful applications” (PHAs) are apps that attempt to phish users’ personal information, act as a trojan horse for malware, or commit SMS fraud by firing off texts without a user’s knowledge. “While small in volume, PHAs pose a threat to Android users and we invest heavily in keeping them out of the Play Store”.
Google had laid out all of its malware scanning and detection technologies under the umbrella of Google Play Protect just last year. With Google Play Protect, the Android operating system performs scans on the installed applications automatically so it can identify anything that’s out of place. Users could also trigger scans manually on their Android devices just right over the updates section.
Time and time again, there are still a couple of bad apps that still manage to occasionally slip through Google’s defenses. Way back in August last year, Google was able to uncover and removed 30 apps that were using the infected devices they were installed on in performing DDoS attacks behind users’ backs. And earlier this month, Google also managed to remove 60 games from the Play Store as they were found to display pornographic ads. According to Google, it will keep on upgrading its methods as well as machine learning models against crooks that keeps on trying to trick users with apps the clearly violates Google’s policies. In all fairness, these efforts seem to be paying off in improving Android’s security.