Infosec expert viewpoint: Google Play malware [source: helpnetsecurity]
by CIRT Team
Researchers routinely discover a variety of malicious apps on Google Play, some of which have been downloaded and installed on millions of devices worldwide.
Here’s what infosec experts think about the security of Google Play, what they think Google should do better, and what users can do in order to protect themselves from malicious apps on the official Android app store.
Google Play continues to have issues where malware is concerned. In fact, barely a week goes by without another tale of rogue apps sneaking onto the store. Over the years, many things have been tried. Manually checking apps. The “Bouncer” policing store submissions, almost immediately fingerprinted by researchers. The Play Protect rollout checking both store and device for threats, alongside “Verified by Play Protect” badges that certain apps sport. However, none of it is solving the problem.
Regardless of gains made, the current state of play is that no matter what Google tries, bad apps are still ending up on what should be the ultimate safe haven for Android owners. Researchers, like myself, advise mobile owners to steer clear of imitation stores, standalone downloads, and not to disable the “disallow installs from unknown sources” option in security settings.
For more, click here.