Updated on October 7th with reports that dangerous malware is back on the Play Store.
Google is on a mission to close the security gap that currently separates Apple’s iPhone from its Android rival. There’s been a lot of talk this week about the release date of Android 15. In Android 15, AI-powered Play Protect delivers live threat detection that flags dangerous apps on your device in real-time. Another notable move by Google was the shakeup of the Play Store itself, and it’s clear that the store is changing more than ever.
Ever since the updated policy went live on August 31st, raising the bar for apps to access the Play Store, I’ve been looking for metrics on the scale of the impact this will have. The question is: Does this really reduce the threat of boring, poorly developed apps used as Trojan horses to sneak malicious code onto your phone?
Statista reports that as of June 2024, the number of available Play Store apps is 1.7 million, a decrease of almost 1 million apps from the previous year. A vast attack surface still exists, because it’s a constant game of cat and mouse between bad actors and Google’s security team.
That’s remarkable, but the latest Statista report is even more damning, showing that the number of apps released each month through the Play Store is rapidly decreasing. This marks a “significant month-over-month decline” in September, and even more so compared with a year ago, when there were nearly 80,000 compared to 29,000 now. But that’s nothing compared to March 2019, when 140,000 apps were released.
This is all very welcome: errant apps are actively removed, the bar is raised, and new apps and updates are screened. But when it comes to app behavior on devices, users should consider which apps they allow on their devices and proactively perform their own app screening on a regular basis to identify apps that are no longer used or are trivial. You remain responsible for removing errors.
Google has created a helpful guide to the 4 Pillars of Android App Quality to help you decide what’s good. The warning signs are clear: a poor user experience, features that fail to load, an overall feeling of poor development, excessive permission requests, and a lack of truly useful or interesting utilities.
All of this is even more important right now, as Google is urging users to stick to the Play Store and avoid sideloading apps more than ever. This approach has caused mixed feelings across the Android community, which is significantly less restrictive than the iPhone, not to mention recent legal issues, but there is no doubt that sideloading carries a higher risk to users and their devices.
This shakeout of the Play Store may be welcome, but there’s still work to be done. Four years ago, I reported on the Joker malware breaking through Google’s defenses and infiltrating the Play Store, and the team at Check Point warned that “Joker is one of the most sophisticated threats of its kind we’ve ever seen.” The malware secretly subscribes victims to premium services and the first sign of infection is bill shock. At the time, Check Point told me, “Protecting the Play Store alone is not enough. Google has removed malicious apps from the Play Store, but we can fully expect Joker to adapt again. should take the time to understand what the Joker is and how it hurts everyday people.”
Google itself also warns about Joker (also known as Bread). “We first started tracking Bread (aka Joker) in early 2017,” the company said in January 2020, adding, “The Play Store introduced new policies and Google Play Protect expanded its protection. This forced us to continually iterate on the Bread app to find a gap. They have, at some point, openly used all sorts of cloaking and obfuscation techniques to avoid detection. Many of these samples appear to be specifically designed to slip into the Play Store undetected and cannot be found anywhere else.”
Fast forward to September 2024, and even though Google had asserted in 2020 that “Play Protect protects against organized and persistent attackers, and shares examples of its techniques,” Joker is back and has appeared in the Play Store. The latest victim was infected through the “Beauty Camera” app in Poland. According to CERT Polska, the app is still available as of October 1st and has already had “more than 100,000 downloads with the last update published on September 17th.”
The Joker’s unparalleled hide-and-seek skills show no signs of slowing down. “Once users download and install it, the interface itself doesn’t look malicious and matches the Google Play Store description. Beauty Camera can replace your original phone’s camera software. Beautiful You will be able to record your memories better.”
In response to Joker’s unwelcome new arrival, a Google spokesperson told me: “The app was removed from Google Play on October 2nd and the developer was banned. Android users are automatically protected from known versions of this malware by Google Play Protect. Google Play Protect is enabled by default on Android devices with Play services to warn users or indicate malicious behavior, even if those apps come from sources other than Play. You can block apps that are known to
Today it’s Poland, tomorrow it’ll be somewhere else, so despite the cull, be very wary of these kinds of boring apps on the Play Store. As CERT Polska explains, the scam hasn’t changed, and the app’s “sophisticated and malicious mechanisms designed to force users to subscribe to premium services without their knowledge or consent” exist. “The application uses a multi-step process that uses encrypted communications, obfuscated code, and unauthorized access to sensitive user data.”
So while Google tightens its defenses and removes more and more apps from the Play Store, continue to be careful about the apps you allow on your devices. Don’t be fooled into installing boring apps you don’t need. Also, make sure that Play Protect is enabled on your phone.