Google is struggling to keep malware out of the Play Store these days. Recently, literally thousands of malicious apps were discovered, and Google has been busy banning them. This represents a significant reversal of fortunes for the tech giant, which in recent years has been able to brag about its success, relative to other companies, in keeping malware at bay. For example, only 0.05 percent of Android devices had downloaded malware in 2016.
Times, however, are changing.
Among the malicious apps recently discovered was an app called Soniac that, according to security researchers from Lookout, was capable of executing an impressive (and dismaying) 73 different remote instructions, including the ability to take photos and make audio recordings without the user’s permission.
Although the authors of the Soniac family of apps are not known at this time, the best available forensic evidence points to a group of Iraqi hackers who have been distributing malware designed around functionally similar code at a frantic pace over the past several months.
As the security pointed out, these actors, whomever they are, have demonstrated their ability to slip their code past the gateways and checkpoints Google relies heavily on, and get their wares into the app store. Although Google did finally catch them and remove them from their Play Store, it’s a safe bet that we’ll be seeing more from the group in the months ahead.
Historically, it has always been easier to attack than to defend, and Google is feeling the pressure from this latest incursion. Although they could not be reached for comment about this issue and what they’re doing to prevent such apps from hitting the Play Store in the future, if the past is any guide, the company is already preparing a new, even more robust set of security protocols that will hopefully turn the tide back in the its favor.