Google, ESET, Lookout, and Zimperium have announced the creation of the App Defense Alliance, whose goal, as the name implies, is to identify malicious applications and protect users.The companies will combine the threat detection mechanisms and ultimately improve the security verification mechanisms that Android applications pass before being published to the Play Store.
“Our research partners in the mobile security world have built successful teams and technology, helping us in the fight. Today, we’re excited to take this collaboration to the next level”, — reported in Google.
Currently, when a developer creates an Android application and submits it for review in the official Google Play Store, Google employees study it only using Bouncer and Google Play Protect.
“The Lookout Security Cloud has analyzed more than 80 million mobile apps in the last 10 years. Our participation in the App Defense Alliance further extends our massive data set and analysis capability to help stop malicious apps before they’re even introduced to the Google Play Store”, — said Jim Dolce, CEO, Lookout.
Although in the past, representatives of the IT giant claimed that Play Protect protection worked fine, experts disagreed with them. For example, according to AV-TEST, Google Play Protect can hardly be relied on, since the Google system only blocks 62% of malicious files during real-time tests, while the average among protective solutions is 97.8%.
As a result, the malware penetrates the official application catalog every now and then, bypassing all checks. For example, malware can be downloaded to the victim’s device later, after the user has installed a seemingly harmless application. Or the malware can be equipped with a special timer and begins to show malicious activity only a few hours or even days after installation.
So, according to ESET experts, only in September 2019, 172 malicious applications were detected on the Play Store, which totaled more than 335 952 400 downloads.