It turns out that Android's stray app safety check function allows some fraudulent apps and fake apps to pass through.



On October 18, 2023, a security feature for Android was announced

: ``Real-time scanning for threats when installing apps from locations other than Google Play .'' TechCrunch, an overseas media outlet, has reported the results of actually installing multiple apps and verifying the effectiveness of this security feature.

Android's new real-time app scanning aims to combat malicious sideloaded apps | TechCrunch
https://techcrunch.com/2023/11/04/google-play-android-real-time-app-scanning-sideload-apps/

On Android, you can directly download and install apps distributed outside of Google Play. Google has previously conducted a check to see if it matches an existing threat for apps that are directly installed, but on October 18, 2023, it will perform a real-time scan for threats at the time of installation. It has been announced that security will be strengthened. An overview of the real-time scan function is summarized in the article below.

Introducing a function to scan for dangers when installing stray apps distributed outside of Google Play - GIGAZINE



When you use the real-time scan function, a threat scan is performed when an app is installed, and if it is determined that there is a threat, a screen will be displayed instructing you to interrupt the installation. TechCrunch installed multiple types of apps and verified the performance of the scanning function.



First, when he tried to install multiple spy apps of the type that ``secretly install on other people's smartphones and spy on location information and communication contents'', all spy apps were judged to be ``threat''. On the other hand, installation of 5 fraudulent apps that ``make people upload their contact information in the name of fraud prevention and send threatening messages to those contacts'' was allowed, and ``the apps were created to look exactly like existing apps.'' The installation of 2 out of 2 'fake apps' was allowed.

TechCrunch's review revealed that while the real-time scanning feature is somewhat reliable, it's not perfect. Google spokesperson Scott Westover told TechCrunch, '[The real-time scanning feature] will continue to improve as Android collects and analyzes new types of threats,' adding Indicates that performance is expected to improve.

In addition, Google is strengthening security not only outside Google Play but also inside Google Play, and on November 2, 2023, Google will add a ``banner indicating that it has been audited by an independent security auditing agency'' on Google Play. A function to be displayed on the app introduction screen has been

announced . The banner display will first be rolled out to specific genres of apps, including VPN apps.



Related Posts:

in Mobile,   Software,   Security, Posted by log1o_hf