Strangely, Google Play Store is filled with all kinds of malware that slipped through lately, and everyone is wondering why. You should always avoid downloading malicious apps by only getting apps from the official Google Play Store as it has its own built-in mechanisms for screening every app for ransomware, malware, bugs and more nasty things.
Lots of infected apps are lurking in Google Play Store
Last week, a new strain of Android malware called ExpensiveWall was spotted lurking in 50 apps from Play Store
The security company Check Point discovered this new strain of Android malware and the infected apps were unfortunately downloaded between 1 and 4.2 million times! After Google eliminated the problem, there was another sample of the malware in the Play Store again.
What’s even more horrible is that ESET’s researchers have also found malicious apps from the BankBot malware family lurking in Google Play and the list goes on. How does this happen?
Google has enhanced Play Store’s scanning defenses on a regular basis, and now they are under the umbrella of Google’s Play Protect security suite. Even so, nasty apps continue to slip in. Some of these hide in flashy games and others in attractive customization apps.
Sneaking nasty apps in Play Store
Getting bad apps through doesn’t require lots of exploiting of the vulnerabilities of Google’s Play architecture. Hackers now use straightforward tricks and techniques to dupe Google’s Play Protect’s scanning. In other words, apps can start to execute their shady behavior after they have been accepted in the Store and this is just one of the many techniques used by cyber attackers.
Dismantling the attacker business model
The solution lays in finding out a way to dismantle the attacker business model that lets malicious apps sneak into Google Play. Even if malware also makes its way into Apple’s App Store, most attackers focus on Android instead of iOS. This could happen because Apple is stricter or because Android has a larger user base.
Unfortunately, no matter how advanced and robust Play Store’s security gets, it will be at odds with Android’s broader design and Google is in a quite awkward position. The fact that Android is an open platform it makes them the market leaders but is also provides a great playground for hackers.