Google sends in Bouncer to sort out malicious apps

News 3 Feb, 2012

The tech giant finally brings in extra security for the Android Market.

Google has created a service for scanning the Android Market for potentially malicious apps, claiming it won’t disrupt users’ experience.

It will perform scans on new applications, apps already in Android Market and on developer accounts as Google looks to clamp down on the malware scares threatening its mobile OS.

“Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and Trojans,” said Hiroshi Lockheimer, vice president of engineering at Android, in a blog post.

No security approach is foolproof, and added scrutiny can often lead to important improvements.

“It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analysed apps to detect possible red flags. We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior.

“We also analyse new developer accounts to help prevent malicious and repeat-offending developers from coming back.”

Despite all the anxieties surrounding Android security, Google sought to allay fears by saying it has seen a 40 per cent decrease in the number of potentially-malicious downloads from Android Market.

“No security approach is foolproof, and added scrutiny can often lead to important improvements,” Lockheimer added.

“Our systems are getting better at detecting and eliminating malware every day, and we continue to invite the community to work with us to keep Android safe.”

Earlier this week, Symantec raised concerns about a number of apps appearing on the market. It subsequently backtracked, however, after it emerged the applications were not really malicious, but were instead being used by an advertising network.

Nevertheless, various Android threats have appeared on the official market. A year ago, the DroidDream malware was downloaded by vast swathes of Android users before Google removed it from sale.