Categories: Technology

Google Explains How It Spots Malicious Android Apps

Android’s Verify Apps feature performs malware scans on newly downloaded applications to make sure they’re safe. However since some malicious Android apps can prevent the feature from working, the company had to find an alternative way to figure out if a phone stopped using Verify because you no longer use it or if it’s due to malware lurking in your device.

In a detailed blog post on Android Developers, Google explains the state-of-the-art methods it employs to examine the safety of a selected application, even in cases in which Verify’s verdict is unavailable. The post delves into the problematic algorithms and security practices that Google makes use of to proactively become aware of and mitigate potential threats posed by means of malicious apps, highlighting the company’s ongoing commitment to safeguarding personal facts and enhancing the general protection of the Android ecosystem.

“To understand this problem more deeply,” the post reads, “the Android Security team correlates app install attempts and Dead or Insecure (DOI) devices.” To note, the team marks devices that stopped checking up with Verify as DOI and those that continue to use the feature as “retained.”

The protection team utilizes particular components to calculate the app’s retention charge, which is essentially the share of all devices that have been retained after downloading it within a single day. This calculation involves thinking about different factors and records points to make certain an correct assessment of the app’s overall performance in phrases of consumer engagement and durability.

N = Number of devices that downloaded the app.

x = Number of retained devices that downloaded the app.

p = Probability of a device downloading any app will be retained.

Z = Represents the DOI score.

© Google

If Z or the DOI score falls below -3.7, it means a large number of phones or tablets stopped checking with Verify the moment they installed the app. After Google inspects the app more closely, it conducts a thorough analysis to ascertain whether it poses any genuine harm. If deemed harmful, Google takes proactive measures by first removing any existing installations and subsequently implementing safeguards to prevent any future downloads of the app.

The company highlighted that implementing this specific method significantly enhanced the Security team’s ability to uncover numerous applications that were compromised by malware strains such as Hummingbad, Ghost Push, and Gooligan in previous instances. Without the utilization of this approach, these potentially harmful apps could have easily evaded detection.

Article Originally from Google 

Recent Posts

5 Ways Uri Ansbacher Balances Financial Success and Social Responsibility

Business success and social responsibility are becoming increasingly entwined, which makes Uri Ansbacher’s fresh perspective…

8 hours ago

How Generative AI Is Changing Sales

Thriving in sales has never been easy. It’s a fast-paced, chaotic landscape, filled with unique…

9 hours ago

What Are White Label PPC Services and How Do They Work?

White-label PPC services are a simple way for businesses to provide Pay-Per-Click advertising without having…

10 hours ago

111 Win: Game On And Win Big!

The online gaming landscape is brimming with options, but finding a platform that excels in…

11 hours ago

Tiranga Games: Your Ultimate Gaming Destination

The world of online gaming is constantly evolving, offering a myriad of options for entertainment,…

12 hours ago

Want To Sell Your Car? Here’s What You Need To Know About Valuation

If you're considering selling your car in India, getting the valuation right is crucial for…

13 hours ago