TECH
12/11/2012 06:47 pm ET

Android Malware Still Sneaking Past New Security Feature, Researcher Finds

Last month, Google unveiled a new security feature that sought to stop what experts have warned is a growing problem on Android phones: malware.

But a security researcher on Tuesday said the service fails to detect the vast majority of harmful apps.

Smartphone owners running Android 4.2 and later with Google Play installed can use the new security service, which is supposed to flag unsafe apps and send users messages that say, “Installing this app may harm your phone” or “Installation has been blocked.” If a user receives the latter message, Google prevents the app from being installed.

But Xuxian Jiang, an associate professor computer science at North Carolina State University, tested Google’s new security service and found it detected only 15 percent of known malicious apps as being dangerous. His research was based on 1,260 samples of malicious code from the Android Malware Genome Project, an initiative run by the university to analyze cybersecurity threats on mobile devices.

He noted that VirusTotal, a cybersecurity software company that Google bought in September, worked better than the security feature that Google unveiled last month. However, VirusTotal has not yet been integrated into Google's new app verification service.

A Google spokesperson said the findings focused on a group of malware "that may not be representative of actual conditions," while Google's new app security service "uses real-world data and multiple detection techniques to protect against Android malware."

"We go after threats users are most likely to face," the spokesperson said.

Security experts have repeatedly warned that the number of malicious Android apps is growing, partly because Google’s method for policing its mobile app store has been less stringent than Apple’s system for keeping malware out of its mobile app store.

Such claims have prompted Google to unveil new mobile security features over the past year. In February, Google unveiled “Bouncer,” which was supposed to flags bad apps before they entered Google’s app store, known as Google Play.

In June, security researchers claimed they had found a workaround that allows hackers to sneak dangerous apps past Bouncer.

"No security approach is foolproof, and added scrutiny can often lead to important improvements," Hiroshi Lockheimer, Android vice president of engineering, wrote in February.

CONVERSATIONS