Due to Android’s open nature, it’s easier for hackers to create malware on the platform. Thankfully, however, Google’s engineers work around the clock to ensure that Android remains as malware-free as possible. In fact, the company has detailed exactly how it keeps malware away from the Google Play Store and Android, even when that malware tries to fight back.
According to Google, every single Android app gets scanned for viruses, malware, and other code that could be harmful to users. Sometimes, however, malicious apps still make it through and sometimes those apps eventually make it onto users’ devices.
So how does Google combat that? Well, the company keeps a close eye on apps after they are installed and how those apps behave on a phone, ensuring that users’ data isn’t compromised. If an app starts tampering with a phone’s security protocols and cuts the connection between a phone and Google’s servers, Google can monitor how many phones are disconnecting from the server and if those lost connections often happen after the app is installed. If the number of apps that disconnect reaches a certain threshold, Google will reexamine the app to ensure that it does not contain malware.
This is not the only way that Google checks for troublesome apps but it’s one of the more effective. In fact, Google says it has caught and flagged 25,000 apps in only three families of malware using this method, with those families being Hummingbird, Ghost Push, and Gooligan. Hummingbird, you might remember, was able to get in and infect 10 million devices, but that figure could be much higher if Google wasn’t looking for malware.
None of this means that you shouldn’t be careful when downloading apps — in fact, you should only download apps that you know came from verified sources, and never hand over login details to apps that don’t seem trustworthy.