New version of Play Store app hints at built-in malware scanner


A new version of the Play Store app has been released and it is starting to roll out to Android owners. Google Play Store 3.9.16 includes the ability to remove apps from the All Apps list. This is particularly useful if you have tried various free apps and chose not to use them. At the moment the All Apps list can become quite cluttered as it remembers every app you downloaded from the beginning of time. However more intriguing is that the contents of the .apk file (that is the application package file, the way apps are bundled up and distributed) contains references to a built-in malware scanner and a wish list feature.

Inside every .apk file is a bunch of XML (Extensible Markup Language) files which describe various things about the app. Among these XML files is a list of the text that is displayed in the app. In an internationalized app like the Play Store there are different strings for each language. Included in the string list for the new version are questions and sentences about malware being detected. Specifically

Installing this app may harm your device
Installation has been blocked
Google recommends that you do not install this app.
To protect you, Google has blocked the installation of this app.
I understand that this app may be dangerous.
Verify apps?
Allow Google to check all apps installed to this device for harmful behavior?
So what can we understand from this? All these strings are part of a built-in malware package that seems to have two modes of operation. First it will check apps which you are about to install and see if they are considered dangerous. It probably needs to go online to do this and it likely verifies the signature of the .apk file which you want to download against a malware database. Interestingly, Google just bought an online virus database called “Virus Total.”

It also seems that there is functionality to scan all installed apps to check for any malware. Again each app would be checked against an online database. There may also be some heuristics which check for odd permissions etc.Until now such scanning and detection of malware has been left to third party tools like Avast and Lookout, but with this new functionality it would seem that every Android device with Google Play installed (meaning every officially supported Android device) will have a built-in anti-virus app. Of course there is one flaw in this grand plan to tighten up Android security. Devices without Google Play installed (and there are plenty, especially in Asia and China) still won’t be protected.

As well as the malware strings, the new .apk includes text about a wish list. There are strings for adding items to a wish list and also for removing them. However the most informative string is: “There are no items in your wishlist. To add items, tap the bookmark whenever you see it in the menu above.” Fairly self-explanatory! If Google add a wish list feature does that mean that it will also add the ability to gift apps to other people! Let’s hope so!It will be interesting to see how this unfolds. Is all the software ready yet? Does it just require a flick of a switch at Google’s end to activate it all? We don’t know yet, but for sure when we find out we will let you know.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>