Google Bouncer Tosses Malware From Android Market
Google has been using an automated malware scanner called Bouncer to find and toss malicious apps from the Android Market, which has had to deal with several instances in which malware was downloaded onto thousands of Android smartphones.
Google said Thursday that the service was responsible for a 40 percent drop in the number of malware downloads between the first and second halves of 2011. The company said the decrease has occurred while vendors that sell security software for Android smartphones have said the amount of malware on the market is on the rise. Such vendors have included Juniper Networks, which released a report in November.
" While it’s not possible to prevent bad people from building malware, the most important measurement is whether those bad applications are being installed from Android Market - and we know the rate is declining significantly," Hiroshi Lockheimer, vice president of engineering for Android, said in the company's blog.
Google has taken the offensive against security vendors that latch onto Google's open approach to having apps placed in the market, a system they see as not providing adequate security. Unlike Apple, Google does not have dedicated staff vetting each app before it is made available online.
Security vendor McAfee, which is owned by Intel, said Bouncer was "a good initial step in protecting Android users," while cautioning that additional protection was still needed against malware not just in the Android Market, but in third party stores.
"By itself Bouncer is not enough to clean up all infected devices or to keep all malware out of the market," Jimmy Shah, a mobile security researcher, said Friday on the company's blog.
Bouncer scans new and current apps in the market for malware and for behavior that would indicate malicious intent. The service also analyses new developer accounts to prevent malware makers from returning after they've been banned.
The most recent large-scale malware discoveries on the Android Market were in December. Security software maker Sophos reported 10,000 users downloaded clones of malware-carrying popular games, before Google removed them.