Nov 30 2016: App-installing malware found in over 1 million Android phones

Back in Nov 30 2016: App-installing malware found in over 1 million Android phones

A new malware campaign called "Googlian" has infected over 1 million Android devices, compromising them at a rate of 13,000 per day. The malware targets vulnerabilities in Android versions 4 and 5, spreading through seemingly legitimate apps in third-party app stores, and takes control of a user's device once a malicious app has been installed.

Although Google says the malware isn't accessing personal data, it compromises the device's Google authorization token, giving it access to the user's Google account. The malware authors are using their power to boost app rankings in the Google Play Store. A tool has been built to check if a device is infected, and reinstalling the system software will completely remove it. However, only a quarter of Android devices released in the past year are protected, leaving the majority vulnerable to the attack.

Fast forward to Oct 18 2023: Google bulks up Android’s malware defenses to combat new tricks, including AI

Google is upgrading Android's Play Protect system to better detect and protect against malicious apps that use artificial intelligence to avoid detection. The update comes in response to an increase in polymorphic malware, which is more difficult for existing systems to detect.

In addition to existing scanning intelligence and on-device machine learning, Play Protect will now recommend a real-time app scan for apps that haven't been scanned before. Google Play Protect is available on most Android devices and scans 125 billion apps daily.

How is Google beefing up Android's malware defenses to combat new tricks and artificial intelligence?