Google Bans Thousands of Play Store Developer Accounts to Block Malware

  /     /     /  
Publicated : 23/11/2024   Category : security


Google Bans Thousands of Play Store Developer Accounts to Block Malware


Last year, Google banned 173,000 developer accounts and prevented 1.5 million apps from reaching the Play Store as it fought policy violations and malware.



Google had a busy 2022 keeping its Play application marketplace free from cybercriminals, reporting on Thursday that it had prevented 1.43 million policy-violating apps from being published.
The company credited the results to a combination of new and improved security features and policy enhancements, including requiring additional identity verification methods (such as phone number and email) before developers can join the popular ecosystem.
Google also highlighted the benefits of its continuous investments in machine learning (ML) systems and app review processes, which it says helped it ban 173,000 malicious accounts and prevent more than $2 billion in fraudulent and abusive transactions.
We continued to partner with [software developer kits] SDK providers to limit sensitive data access and sharing, enhancing the privacy posture for over one million apps on Google Play, the company wrote in a
blog post
. With strengthened Android platform protections and policies, and developer outreach and education, we prevented about 500,000 submitted apps from unnecessarily accessing sensitive permissions over the past 3 years.
The companys app security improvement program, a service provided to Google Play app developers to improve the security of their apps, helped developers fix roughly half a million security weaknesses across roughly 300,000 applications.
Meanwhile, the company expanded its Helpline pilot offering phone support to developers and launched the Google Play Developer Community pilot program, where developers can offer guidance and best practices on designing safe apps.
As the Android ecosystem expands, its critical for us to work closely with the developer community to ensure they have the tools, knowledge, and support to build secure and trustworthy apps that respect user data security and privacy, the post continued.
In 2019, Google announced the creation of the
App Defense Alliance
in partnership with ESET, Lookout, and Zimperium, with McAfee and Trend Micro joining recently as partners.
The company has also worked to enhance the Play Integrity API, designed to protect user apps and games from potentially risky and fraudulent interactions, with plans to expand access to automatic integrity protection this year.
Despite Googles ramped up security efforts, the
market for malicious Google Play applications
and app-takeover tools is thriving.
Malicious actors are still managing to breach defenses, to which the
recent deployment of Goldoson malware
— which was downloaded 100 million times — attests.
Discovered and named by researchers at McAfee Labs, Goldoson can perform a variety of nefarious activities on Android-based devices, such as performing ad fraud by clicking advertisements in the background without the users consent or knowledge.
In December 2022, researchers discovered
the banking Trojan Godfather
, a type of Android malware masquerading as a legitimate application on the Google Play store, which racked up more than 10 million downloads.
Sophisticated malware like SharkBot, which was hidden in apps masquerading as antivirus tools, also
proved tricky for Google Play to eradicate
, deploying methods like Domain Generation Algorithm (DGA) and geofencing capability to bypass Googles protections.
Theres currently a debate underway as to whether the updated Terms of Service (ToS) for Play — which states Google may
remove harmful applications from users devices
— goes too far.
The 130-word paragraph focused on malware protection is raising eyebrows among some privacy experts, who argue the language is too ambiguous — the ToS also does not commit Google to tell users when it makes such a deletion.
Back in April, Google also
announced
Play would hide outdated apps that dont support the latest Android features, part of its
Target Level API requirements plan
aimed at boosting user security.

Last News

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security

▸ Fully committed to the future world of technology. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Google Bans Thousands of Play Store Developer Accounts to Block Malware