Google ‘Bouncer’ Now Scanning Android Market for Malware

Google on Thursday added a new layer of security to the Android Market, dubbed Bouncer, that will scan apps for evidence of malware.

The effort will automatically scan new and existing apps as well as developer accounts, “without disrupting the user experience of Android Market or requiring developers to go through an application approval process,” said Google’s vice president of engineering, Hiroshi Lockheimer, in a nod to Apple’s App Store process.

“Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans,” Lockheimer wrote in a blog post. “It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags.”

Google said it runs every app in its cloud infrastructure to simulate how it might work on an Android device to look for anything fishy. Developer accounts are also scrutinized to guard against banned individuals making a reappearance.

Android malware was big news in 2011. Unlike Apple, Google does not have a strict approval process in place for its Android Market, and while that might make for a more open environment, it also makes the store vulnerable to some dangerous apps.

“We’ve chosen not to be the gatekeeper,” Alan Davidson, now former director of public policy at Google, said during a May hearing on location tracking. “We don’t generally go back and try to make sure that every app does what it says it’s going to do. [Google is] really trying to maximize the ability of small app developers to get online.”

According to data from Juniper Networks, malware in the Android Market jumped 472 percent between July and November 2011. Google said today, however, that it saw a 40 percent decline in the number of potentially malicious downloads on the Android Market between the first and second halves of 2011.

“This drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise,” Lockheimer wrote. “We know the rate is declining significantly.”

After announcing the discovery of the most widespread piece of Android malware, Android.Counterclank, Symantec today retracted its claim to align with rival Lookout’s more muted assessment.

Last month, in hopes of capitalizing on Google’s mobile security problems, Microsoft offered free Windows Phones to Android malware victims.

For more from Chloe, follow her on Twitter @ChloeAlbanesius.

For the top stories in tech, follow us on Twitter at @PCMag.

Article source: http://www.pcmag.com/article2/0,2817,2399778,00.asp?kc=PCRSS03069TX1K0001121

View full post on National Cyber Security » Virus/Malware/Worms