Android will now constantly scan your phone for misbehaving apps

Daniel Bader

April 10, 2014 4:02pm

Last year, Google built a “Verify Apps” feature into Android that scans apps for m alware upon installation.

While that process, which has been used 4 billion times according to the company, has successfully prevented infection from countless malicious apps, it doesn’t go far enough; code can be remotely changed after installation, making it relatively easy for m alware vendors to counteract Google’s defences.

Today, as a response, Google has updated its Play Services for devices running Gingerbread or higher to continually scan installed apps for malicious code. According to Google, only 0.18% of installs since have been deemed harmful since Verify Apps was implemented. “Even though the risk is miniscule, we’re committed to making sure that the best available security protections are available to all Android users. This includes service-based protections such as Verify apps, as well as security features within the platform itself,” says a blog post.

According to a recent report by Symantec, 99% of mobile-focused m alware is destined for Android, though only a very small number of users fray from installing apps outside of Google Play itself. Still, m alware has been found in the occasional Play Store-based app, and this move by Google can only help keep Android users more secure.

  • deltatux

    Ummm, would this make my battery plummet? Scanning normally isn’t a battery friendly task. If they managed to not sap my battery, I’m all for it…

    • TomsDisqusted

      I doubt they need to scan very much. For starters, most of your apps would probably be considered ‘known safe’. They would probably only scan when an unknown app uses a dangerous API such as read SMS, or draws over other apps.

    • Guest

      I’m not aware of any such capability, and I rather doubt it. And Android doesn’t use jar files – the app is packaged in an APK and the only way to modify the APK is by updating the app.

  • Liberal Phone Person

    well… so much for pirating apps.

  • RMT

    Glad that was easy to disable…

  • TomsDisqusted

    “code can be remotely changed after installation”?? I don’t think so.

    • Andrew Jiang

      By that, it means that apps are capable of downloading additional jar files with new code after they’re installed, unbeknownest to you.

    • TomsDisqusted

      ‘m not aware of any such capability, and I rather doubt it. And Android doesn’t use jar files – the app is packaged in an APK and the only way to modify the APK is by updating the app.

    • It’s Me

      Umm, you might not think so, but that doesn’t change the fact that Android apps can in fact self update. Facebook stirred up a little $hitstorm a while back by doing just that. Google responded to the publicity of that move by banning the practice (their own sort of walled garden). But they didn’t really enforce it since the facebook app was still available, unmodified, for quite some time on the play store.

      Even now, as long as you can slip it by them, it is still technically possible, hence the need for this new initiative from Google. This is a very welcome and positive move by Google to protect their users from malware.

    • TomsDisqusted

      No, what FB did was to update the app by-passing the Play store. It was still a full normal update that would trigger Andoid’s existing anti-malware scan. It was not modifying itself. With the necessary permissions you can do a lot on Android, but you can’t modify your APK without doing an update or install.

  • Jeff Crouse

    Awesome as long as I don’t see Android os at above 11% battery usage

  • F Young

    “m alware”

    Is that a new word?

  • HD Z

    NSA / Google Spy

  • Alexandre P.

    What is the effect of Verify Apps on root or sideloaded apps/frameworks (i.e. Xposed framework, Xposed modules that may bypass security features, FDroid-loaded apps like AdAway which modifies the hosts file…)? Really curious to know if it would consider them as unsafe and would uninstall them…

  • Harold Mitchell

    Yet another intrusive action by Google to gain even more access to our personal data.

  • Scott

    well I guess the folks over at Lookout Mobile Security just threw their hands up in the air. Now Google is providing the same service they do.

  • rtg_500

    This is a good idea by Google , android needs a way to help non-power users stay out of trouble when downloading apps.