"Google Play Protect Gets Real-Time Code Scanning"

Google recently announced improved protections against malware for all Android devices with Google Play Services in the form of real-time scanning at code level in Google Play Protect.  Google Play Protect scans over 100 billion applications daily to prevent malware and unwanted applications from reaching Android devices.  Google noted that once it identifies nefarious software, Google Play Protect can either send a warning, block an application’s installation, or completely disable the software.  According to Google, cybercriminals rely on social engineering to trick users into installing malicious applications outside of Google Play to infect their devices with polymorphic malware.  Google noted that Google Play Protect can scan devices for harmful applications that have been installed outside of Google Play, warning users when it identifies suspicious software or an application known to be malicious.  Now, Google is stepping up Google Play Protect’s security capabilities with real-time scanning at the code level, which will trigger when installing an application that has never been scanned before, prompting the user for a scan.  Google noted that scanning will extract important signals from the app and send them to the Play Protect backend infrastructure for a code-level evaluation.  Once the real-time analysis is complete, users will get a result letting them know if the app looks safe to install or if the scan determined the app is potentially harmful.  Google says the new capability should help detect emerging threats, protecting users from malicious polymorphic apps that rely on various techniques, including AI, to modify their features and avoid detection.

SecurityWeek reports: "Google Play Protect Gets Real-Time Code Scanning"