Feeds

Google readying on-device malware scanner for Android

Could block bad apps from any source

Next gen security for virtualised datacentres

Android malware is on the rise, but the good news is that Google isn't sitting still for it. The search giant is reportedly readying a comprehensive anti-malware system for its mobile OS that will soon be able to spot malicious apps not just in the Google Play store, but also on Android devices themselves.

According to a report by the Android Police fan site, the latest, as-yet-unreleased build of the Google Play shopping app contains code snippets that suggest links to a future onboard malware scanner.

Text strings included in the Google Play 3.9.16 APK package file include such tidbits as, "Allow Google to check all apps on this device for harmful behavior?" And, "To protect you, Google has blocked the installation of this app."

These phrases are apparently text prompts that will be offered by a forthcoming Google Play feature, identified in the new build as "App Check."

To be clear, this anti-malware feature is not yet actually included in any known build of the Google Play app. Another text string found in the new app package says, "To learn more, go to Settings > Security" – but no such settings panel exists in the 3.9.16 version.

Rather, the presence of these items is strong evidence that malware scanning is a feature that Google is currently cooking up in its labs, and which will eventually appear in some future version of its store app.

That will be good news for Android users. The Chocolate Factory already scans apps in the Google Play store for malicious behavior using a system known as Bouncer, but that hasn't prevented a number of high-profile incidents in which scammers have used rogue apps to swindle Android users out of cash and device data.

Most recently, some 1,400 people in the UK were left lighter in the pockets after they downloaded Android scam apps disguised as the latest Roxio Angry Birds game. What the rogue apps actually did was send SMS messages to premium-rate services, costing the unwitting users up to £15 each.

Part of the problem is that unlike Apple iPhones, Android phones generally allow users to install apps from sources other than the Google Play store, which can be risky. Some models require the user to explicitly enable this capability, while others ship with it switched on by default.

So far, Google's server-side Bouncer app scanning has had no way to screen apps from third-party app stores. But with anti-malware capabilities installed on the devices themselves, Android handsets and fondleslabs will be able to flag suspicious apps no matter where they come from.

For now, however, exactly how Google's on-device malware scanning will work – and how well – is strictly up to speculation.

So is when it will actually become available, although there's a good chance it might arrive with the next version of the Android OS. Rumor has it that version will be known as Android 4.2, code named "Key Lime Pie," and it could ship with an upcoming LG handset as soon as November. ®

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.