Companies Google, ESET, Lookout and Zimperium announced the creation of the App Defense Alliance, whose purpose, as the name implies, will be to identify malicious applications and protect users. The companies will combine the threat detection mechanisms and ultimately improve the security verification mechanisms that Android applications pass before being published to the Play Store.
Currently, when a developer creates an Android application and submits it for review in the official Google Play Store, it is only studied by Google employees using Bouncer and Google Play Protect.
Although in the past, representatives of the IT giant claimed that Play Protect protection worked fine, experts disagreed with them. For example, according to AV-TEST, it is hardly possible to rely on Google Play Protect, since the Google system only blocks 62% of malicious files during real-time tests, while the average among protective solutions is 97.8%.
As a result, the malware penetrates the official application catalog every now and then, bypassing all checks. For example, malware can be downloaded to the victim’s device later, after the user has installed a seemingly harmless application. Or the malware can be equipped with a special timer and begins to show malicious activity only a few hours or even days after installation. So, according to ESET experts, only in September 2019 in the Play Store was found 172 malicious applications, which totaled more than 335,952,400 downloads.
Now, Google finally decided to acknowledge the existence of the problem, and the App Defense Alliance was created to solve it, within which the Google Play Protect detection systems will be integrated with the antivirus solutions of the partners.