In late 2018, Forbes reported that half a million Android users had downloaded a virus from Google Play disguised as a racing game. Just a year earlier, Israeli cybersecurity firm Check Point Software Technologies discovered an Android virus, hidden in 50 apps on the Android Market, that charged users’ phone bills for fraudulent text messages. The infected apps were collectively downloaded 21.1 million times before Google finally removed them.
Google Play, also known as Android Market, is the online store where Android users download mobile applications. Launched in October 2008 with some 50 apps, Google Play grew to host more than a million apps within a decade. Although Google has tried to keep malware off its platform, new reports of infected Google Play apps appear every year. Fortunately, you can reduce the risk of downloading malware by following a few simple best practices to stay safe online.
History of Android and malware
By default, Android devices are safe from “drive-by downloads,” that is, malicious code that is downloaded to your device without your consent or knowledge. Unless you manually change your security settings, you will always receive a notification before any new software is downloaded or installed. In other words, the only way to get a virus on your Android device is by willingly downloading it.
Unfortunately, cybercriminals have gotten very creative in hiding malware inside seemingly harmless apps and uploading them to Google Play. This type of malware not only slows down your device, but can also steal your personal data, including your phone number, email addresses, and even your GPS coordinates. Once infected with malware, your device becomes vulnerable to even more external attacks.
Compared to Apple’s App Store, Google Play’s track record with malware is less than stellar. Why is that? Google and Apple have very different approaches to apps. While Apple operates within a tightly controlled system where developers must adhere to Apple’s strict requirements, Google tries to keep the installation approach as open as possible. With Android, you can conveniently install apps through various means, including Google Play, non-Android stores, and sideloading. When submitting their apps, developers have to negotiate a lot of red tape with Apple. That is not the case with Android, which is one reason why malicious apps are more often distributed through the latter system.
How Google Play fights malware
Google started taking malware in its app store seriously in 2012 with the launch of an Android security feature called Bouncer. Bouncer scans Google Play for malware and removes suspicious apps before they reach users. In the year it was released, the number of infected apps on the mobile store dropped by just 40 percent. Security experts quickly found flaws in the system, and cybercriminals learned how to disguise their malicious apps to subvert Bouncer.
Google later introduced a built-in malware scanner for Android devices called Google Play Protect, but it hasn’t fared much better than Bouncer at detecting apps that contain viruses. In comparative studies of various antivirus programs, Google Play Protect ranks last. Google finally implemented a human review process for apps in 2016; however, bad actors are always finding new ways to bypass Google’s anti-malware measures, so it’s up to individual Android users to keep their devices safe.
How to protect yourself from malware on Google Play
You can take the following preventive measures to reduce the risk of installing infected apps:
- Only download from reputable sources like Google Play or the Amazon Appstore. Although Google Play is not 100% safe from malware, it is safer than downloading unofficial apps.
- Take a look at app reviews. People often rate an infected app poorly and usually warn others through app reviews.
- Use strong antivirus protection, such as Lookout Mobile Security, AVG, or Norton.
- Do not root your device or change the default security settings.
How to know if you have downloaded a virus from Google Play
It’s not always obvious that an app you’ve downloaded is malicious. In fact, cybercriminals rely on users’ ignorance to steal their data. If your device is running slower than normal, the cause could be a virus or low storage. If you’re suddenly bombarded with ads in your phone’s notification bar, or if you notice mysterious icons appearing on your home screen, there’s a good chance you have malware.
Do you think you have downloaded a virus from Google Play? Learn how to get rid of an Android virus from your phone.