Google: Developers add malware to Play Store apps afterwards


Google says that malicious developers add malware to their Play Store apps some time after publication. This practice is called versioning: after the apparently reliable app has been downloaded, code is added to it from a separate server.

The annual security report from the Google Cyber Security Team describes rogue developers who offer a first version of their app via the Google Play Store. That version passes all of the app store's checks and is therefore, according to Google, considered reliable. However, once the app has been installed, it can be updated after some time via a separate server containing new code. This new code may contain malware and in some cases looks for sensitive information from the end user. According to Google, this practice is called versioning.

Google specifically mentions apps used in the business world. The American company believes that enterprise users should only allow apps and app updates that come from reliable sources such as the Google Play Store or from the company’s own mobile device management platform.
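The allow-list recommendation above can be audited on a managed device from the installer that Android records for each package. The following is an added example, not taken from Google's report: it parses the output of `adb shell pm list packages -i -3` and flags packages whose installer is not a trusted source. The sample output is constructed and the MDM agent package name is a hypothetical placeholder.

```python
import re

# Installer package names treated as trusted. com.android.vending is the
# Google Play Store; the MDM agent name is a hypothetical placeholder.
TRUSTED_INSTALLERS = {"com.android.vending", "com.example.mdm.agent"}

# Constructed sample of `adb shell pm list packages -i -3` output.
SAMPLE_OUTPUT = """\
package:com.example.notes  installer=com.android.vending
package:com.example.vpnclient  installer=com.example.mdm.agent
package:com.example.flashlight  installer=com.example.flashlight
package:com.example.scanner  installer=com.google.android.packageinstaller
package:com.example.legacy  installer=null
"""

LINE_RE = re.compile(r"^package:(\S+)\s+installer=(\S+)$")


def parse_installers(output):
    """Map each package name to its recorded installer (None if absent)."""
    installers = {}
    for line in output.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            pkg, installer = match.groups()
            installers[pkg] = None if installer == "null" else installer
    return installers


def untrusted_packages(output, trusted=TRUSTED_INSTALLERS):
    """Return (package, installer, reason) for every package to review."""
    findings = []
    for pkg, installer in sorted(parse_installers(output).items()):
        if installer is None:
            reason = "no installer recorded"
        elif installer == pkg:
            reason = "app installed or updated itself"
        elif installer not in trusted:
            reason = "installer not on allow-list"
        else:
            continue
        findings.append((pkg, installer, reason))
    return findings


if __name__ == "__main__":
    for pkg, installer, reason in untrusted_packages(SAMPLE_OUTPUT):
        print(f"{pkg}: installer={installer} -> {reason}")
```

The installer record only changes when a package is installed or updated through the package manager, so this check does not reveal code that an already installed app downloads and loads at runtime.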

The American company states in the report that less than 1 percent of all apps in the Google Play Store are potentially dangerous. It is not clear whether the apps that do versioning are also included in this estimate. The company says it extensively checks the Play Store for potentially dangerous apps, but that in some cases developers can still bypass the checks.

Excerpt from the Google Cyber Security Team’s Threat Horizons Report
