Google’s AI stops more malicious and fake appsThursday, February 1, 2018
In 2017, Google fought against hackers and took down more than 700,000 insecure and malicious apps that violated company policies, a 70 percent increase over 2016, crediting AI with the increase.
It's no secret that Google has been developing a wide range of powerful AI and Machine Learning tools, but now some of the results can be seen in the wild. The search giant took down more than 700,000 apps that violated Play Stores policies last year, a 70 per cent increase over 2016, and significantly improved its response time to rogue apps being uploaded.
“We've also developed new detection models and techniques that can identify repeat offenders and abusive developer networks at scale. This resulted in taking down of 100,000 bad developers in 2017 and made it more difficult for bad actors to create new accounts and attempt to publish yet another set of bad apps”, said Andrew Ahn, the Google Play product manager, in a blog post.
Google also took down more than 250,000 copycat apps and "tens of thousands" of apps violating policies against apps that feature hate speech, illegal acts and porn. Meanwhile, the number of Potentially Harmful Applications were reduced by 50 per cent year over year, a feat attributed to the launch of Google Play Protect in 2017. “Finding these bad apps is non-trivial as the malicious developers go the extra mile to make their app look as legitimate as possible”, explained Andrew Ahn.
The problem of fake apps is certainly considerable - one fake WhatsApp app from the official Google Play store was downloaded around one million times before being spotted. Called Update WhatsApp Messenger, it appeared to have been developed by WhatsApp Inc, but the attackers had replaced the space with a character that looked similar at first glance. The app not only ran third party ads, but also could download other software to the device, according to media reports. Indeed, the number of malicious Android apps has risen steadily in the last four years, from just over a half million in 2013, 2.5 million in 2015 and rising to 3.5 million in 2017, according to research from Sophos.
Ilia Kolochenko, CEO High-Tech Bridge explained the background to the rise: “A compromised mobile phone is even more critical than a personal computer or account on a website. Users tend to store huge amount of personal and very sensitive data on their mobile devices, including their photos, financial information, passwords for dating and health apps, access codes for the offices, and even strictly confidential data of their employers.
“A compromised mobile device can lead to irreparable harm in terms of financial and reputational damage. Users were reluctant to update their Windows XP machines fifteen years ago, now they demonstrate the same carelessness towards their mobile phones. If nothing changes – cybercriminals will skyrocket their illicit income from ransomware, blackmailing, and data theft affecting mobile phones. Continuously keeping your mobile phone up2date, avoid jailbreak (iPhone) and rooted (Android) device, prudence when installing new apps – these simple precautions can prevent 99 per cent of attacks against your mobile crown jewels.”
Researchers from High-Tech Bridge tested a range of popular cryptocurrency apps from the Google Play store recently, and uncovered disturbing results. Using High-Tech Bridge’s free online service Mobile X-Ray, a dynamic, static and interactive testing service for mobile applications, they found that 94 per cent of applications contained at least three medium-risk vulnerabilities, and a further 77 per cent contained at least two high-risk vulnerabilities. Of these most popular apps (with more than 500,000 installations), a massive 94 per cent were still using SSLv3 or TLS 1.0 banned by PCI DSS, and 66 per cent of them were sending [potentially] sensitive data without any encryption over HTTP.