All the Android smartphone users mostly go to their Google play store for any apps they need. It seems to be convenient and the users trust Google play Protect so that they are assured that the apps being downloaded are safe and will not hamper the data of the smartphone. However, this is just a small picture of the google play store.
The long-time Android users might have read reports almost every month on how a couple of heavily-downloaded apps were spotted housing malware. Users should be alert while downloading the apps that are not very popular.
According to a Russian Cybersecurity firm there are different costs involved in different malware to function on the Play Store. For example it costs around $2000 to $20000 for a “loader” that injects malware to an already existing app by crossing the Google Play Protect. The apps are available on the Google Play Store that has almost 5000 downloads and there is no threat until there is an update. Though Google promises security, the users should be careful while using the official Android app store.
Making Malware is a profitable Industry
The amount of money people generate from injecting the malware on the Google Play store, there are many players that are eyeing on the game. Play protect is enabled to recognise the known attacks rather than the new ones. Many attackers can bypass the security designed for Google Play Protect easily.
The fact is no apps are completely safe. Any app can be purchased to load one’s own malicious code. The end users will receive the notification to update the app by the developer and once it is updated the users compromise on their data. This is the reason most of the apps are not recognised as malicious.
There is a flaw in Google Play Store that an already recognised app of the play store can be purchased to distribute malware. Google Play Protect offers security but it is not as powerful as it may seem.
Defense is to limit the app installation
The user can at best provide defence to oneself by installing limited apps. The fewer apps installed will be less likely to have malicious code. Every user should keep an eye on the permissions requested for different apps.
Apps from established developers are more trustworthy compared to the apps from lesser-known developers. Opposite might also happen but the probable chances are less. Users can also limit the type of apps to be installed as reports suggest that apps like cryptocurrency trackers, financial apps, QR code scanners and dating apps are the most potential carrier of malware.
However, relying mostly on users’ intelligence and diligence for security suggest that Google needs to take further steps for security. Yealy Android update like the recent Android 14 comes with a security update. Google play protect is a core defence mechanism as not every phone gets an update to the latest version of android but one needs to keep it updated if one receives it.