Anyone with an Android device may have to stay cautious as security researchers have discovered that its fight against the recent outbreak of Android-targeted malware seems to be going very poorly. Back in September this year, Google acquired VirusTotal and even introduced an optional app verification feature for users with Android 4.2 JellyBean, which was designed to enable users to identify dangerous or potentially dangerous apps on their device, regardless of where they downloaded it from.
Google’s app scanner, codenamed Bouncer and introduced in February this year, was designed to identify and protect users from malware in apps on Google Play. It fared rather poorly, however, according to an assessment conducted and published by Xuxian Jiang of North Carolina State University. The app verification service was only capable of identifying a little over 15% of malware samples thrown at it from the Android Malware Genome Project. To further add to Google’s troubles, security firm TrustGo noted that the number Android-targeting malware and viruses has been increasing by 580% year after year, while Juniper Networks reported a shocking 3325% increase in Android-related malware.
Unlike Apple’s iOS, Google’s Android OS is open source which and allows app developers from all over to contribute to the Android ecosystem but conversely, it also allows malicious app developers to exploit naive users. While Google has attempted to clean up its app store, TrustGo found that there have been nearly 175 million downloads of high-risk malicious apps from the top 500 apps alone. These are the kinds of apps that can completely hijack users’ account, administering fraudulent transactions and misusing personal data.
One of the reasons why Bouncer has failed to identify so many viruses is because its method of operation involves scanning to see if an app attempts to do anything suspicious for a short period of time before deeming it to be safe. An innovative malware-developer can very easily circumvent this by programming the malware to delay any suspicious behaviour until it passes Bouncer’s security check. Jiang even confirmed that VirusTotal hadn’t been integrated into Google’s app verification system after having tested it using a sample from each of the 49 different families of Android malware. While VirusTotal was capable of flagging anywhere from 29 to 49 of them, the app verification service barely identified 10.
While Google is working hard to improve their security, Android users may have to stay informed and vigilant until a more efficient security system has been developed. Until then, it’s important for Android users to not be lulled into a false sense of security by blindly trusting Google’s current antivirus safeguards.
