Google has been marred with malware attacks on its Android Market, but it has been quietly developing a service called Bouncer which scans all the apps in the Android Market, including every new submission. It not only scans current and new applications, it also scans developer accounts so that repeated offenders are caught when they open a new account to cause havoc with.
Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans. It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags. We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior. We also analyze new developer accounts to help prevent malicious and repeat-offending developers from coming back.
Bouncer was tested in 2011 and Google reports a 40% decrease in the number of “potentially-malicious” downloads from the market between the first and second half of 2011.
Although Google agrees it can’t stop malware completely, it can prevent most of it from entering the Market. “Bouncer” is a step truly in the right direction.
