Google Play Protect Unveils Live Code-Level Scanning to Detect Android Malware
Google announced an update to its Play Protect service, introducing real-time scanning at the code level to combat new malicious apps before they are downloaded and installed on Android devices.
According to the tech giant, Google Play Protect will now suggest a real-time app scan during the installation of apps that haven't been previously scanned, helping to identify emerging threats.
Google Play Protect is a free built-in threat detection service that examines Android devices for potentially harmful apps from both the Play Store and external sources. In severe cases, it can prevent the installation of such apps.
This new feature builds upon existing safeguards that notify users when an app is known to be malicious based on previous scans or when it raises suspicions through on-device machine learning.
With these latest enhancements, the app's vital characteristics are extracted and sent to the Play Protect backend infrastructure for real-time code-level evaluation, determining whether it's safe to install or potentially malicious.
Google explained that this improvement is designed to better safeguard users against malicious polymorphic apps that employ various techniques, including AI, to evade detection. The feature is initially being rolled out in select countries, starting with India.
This security enhancement is crucial as threat actors continuously discover new methods to disseminate Android malware, often through deceptive links or APK files shared via messaging apps. It coincides with a revision to the Android Security Paper, offering a comprehensive overview of the platform's proactive security features, including hardware, anti-exploitation measures, Google Security Services, and various management APIs available for businesses and governments.
For Further reference