Google's Bouncer shows Android malware the door

It may have arrived a little too late for the owners of the 5 million phones that were infected recently, but Google has introduced an automated service designed to muscle out apps that contain malicious code, Computer World reports.

Bouncer, which Google formally introduced Feb. 2, scans the code of all newly uploaded apps for known instances of malware (including Trojan horses and spyware) before they make it to the Android Market. The system automatically rejects some apps that raise red flags and sets aside others for review.

Google says Bouncer's simulator function can run apps exactly as they would appear to Android phone users, allowing it to check for any hidden behaviors that might require the apps to be flagged for later review. As Bouncer's ability to detect and analyze improves, it will also be able to go back and check apps that have already been published.

The introduction of Bouncer comes on the heels of the recent announcement from Symantec that as many as 5 million Android phones have been infected with some type of malicious code. As GCN reported, the code that affected 13 applications in the Android Market was "a bot-like threat that can receive commands to carry out certain actions, as well as steal information from the device," in Symantec's words. But there is some question as to whether the code was even malware: Lookout Mobile Security said it was more likely an aggressive form of adware.


Reader Comments

Mon, Feb 6, 2012 earth

Pretty minimal liability response considering an app could have an interpreter built into it and receive program updates via any number of covert channels like in-game ads. The problem is the single point of trust at program installation vs. the post-installation flexibility that allows free-for-all maliciousness in the name of the owner but without oversight by the owner. This is exactly the same mistake that Microsoft continues to make: default settings on Outlook allow someone to send you an e-mail that will take over your machine on receipt. Android needs to be changed to a decode, decide with default deny stance on its intents.
