New Google scanner will scour Android devices for malware

lego bug squashing cropped
Credit: floodllama via Flickr

Google has launched a scanner that will continuously monitor Android devices for malware.

This takes the search giant’s malware protection beyond Google Bouncer -- which scans apps on Google Play for signs of malicious activity -- and scans of Android apps as they are being downloaded onto smartphones and tablets.

In a blog post published on Thursday, Android security engineer Rich Cannings wrote, “Building on Verify apps, which already protects people when they’re installing apps outside of Google Play at the time of installation, we’re rolling out a new enhancement which will now continually check devices to make sure that all apps are behaving in a safe manner, even after installation.”

Many third-party sites are loaded with malware-ridden Android apps, resulting in security firms repeatedly reporting exponential growth in malware targeting the open source mobile OS. Data from an Alcatel-Lucent report in late January show that 11.6 million mobile devices were infected in the fourth quarter of 2013, with Android accounting for “60% of total mobile network infections.”

That’s about 7 million infected Android mobile devices. Last September, Google announced it had passed the 1 billion mark for Android activations. At a pace of 1.5 million activations a day, that means there were around 1.15 billion Android devices active in Q4, of which 7 million were infected. So roughly one out of every 164 Android devices was infected with malware.

It sort of puts the Android malware epidemic stories (of which I’ve written my fair share) in perspective. Cisco’s 2014 Annual Security Report, for example, says that “99% of all mobile malware in 2013 targeted Android devices.” Yet the percentage of Android devices actually infected in Q4 was less than 1%. Either the vast majority of malware creators are incompetent, users are exercising greater caution in downloading apps, or Android’s malware-scanning efforts are effective.

Granted, if you’re CIO of an enterprise with 10,000 Android devices connecting to your network and accessing your data, the numbers say you’re dealing with 60 or so infected devices. If that CIO is supporting an equal number of iPhones and iPads, we could be talking about a handful of infected devices at most.

That’s the main reason why iOS still leads Android in enterprise deployments; IT pros generally prefer to avoid unnecessary security risks. But with Android nearing 90% market share, and consumerization driving technology choices in the enterprise, Google’s mobile OS is virtually impossible to avoid.

Fortunately, not only has Google made vast improvements to Android security over the past year, even more enterprise-friendly security upgrades are in the works. Among those is the ability to remotely delete corporate data from a BYOD device, an essential feature for enterprises supporting personal devices.

Third-party Android security vendors also offer remote lock and wipe, as well as malware and virus protection. But as I noted last week, native Android security features – along with Google’s malware scanning services – are nearly at the point where, for users at least, third-party security may not be necessary.

Join the discussion
Be the first to comment on this article. Our Commenting Policies